WordPress Plugin Vulnerabilities

WordPress Related Posts < 2.7.2 - Cross-Site Request Forgery

Description

The WordPress Related Posts WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability.

Affects Plugins

Plugin icon
wordpress-23-related-posts-plugin
Fixed in 2.7.2

References

CVE
CVE-2013-3476
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/84247

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Verified
No
WPVDB ID
36985b15-c82a-495d-a3c7-e7c865923a68

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2021-03-20 (about 5 years ago)

Other

Published
Title
Published
2025-08-16
Title
ServerBuddy by PluginBuddy.com <= 1.0.5 - Cross-Site Request Forgery to PHP Object Injection
Published
2023-07-26
Title
Update ands from Zip File <= 2.0.0 - CSRF
Published
2014-08-01
Title
ThinkIT <= 0.3 - wp-admin/admin.php Contact Form Deletion CSRF
Published
2023-11-08
Title
Plainview Protect Passwords <= 1.4 - Cross-Site Request Forgery
Published
2023-01-13
Title
eExamhall <= 4.0 - CSRF