CVE Database · CVE-2013-3250
CVSS v3.1
N/A
EPSS
0.95%
Published
Jun 21, 2013
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Weaknesses (CWE)
Affected Products (8)
References (4)
