CVE-2013-7233

EPSS 0.30%

Published: 12/30/2013Modified: 5/27/2026

Description

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

Affected packages (1)

Debian/wordpressfrom 0

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-7233