Unrated severityNVD Advisory· Published Jun 21, 2013· Updated Apr 29, 2026
CVE-2013-3250
CVE-2013-3250
Description
Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Affected products
8cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:*:*:*:*:*:*:*:*range: <=1.8.7
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.