WordPress Custom Website Data Plugin Cross-Site Request Forgery Vulnerability

Custom Website Data plugin for WordPress is prone to a cross-site request-forgery vulnerability.

An attacker can exploit this issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

Custom Website Data 1.2 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus