CVE-2013-2700 Information

Description

Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.

Reference

http://osvdb.org/92113 http://secunia.com/advisories/52876 http://wordpress.org/plugins/wp125/changelog https://plugins.trac.wordpress.org/changeset/692721