WordPress Login Widget With Shortcode 'options-general.php' Cross Site Request Forgery Vulnerability

The Login Widget With Shortcode plugin for WordPress is prone to a cross-site request-forgery vulnerability.

An attacker can exploit this issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

Login Widget With Shortcode 3.1.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus