CVE-2008-5113

Name of the Vulnerable Software and Affected Versions WordPress version 2.6.3

Description The issue allows remote attackers to conduct delayed and persistent cross-site request forgery (CSRF) attacks via crafted cookies. This can lead to actions such as deleting user accounts or causing a denial of service, resulting in the loss of application access. The issue relies on the presence of an independent vulnerability that allows cookie injection.

Recommendations For WordPress version 2.6.3, consider updating to a newer version that addresses the issue, as no specific fix is provided for this version. As a temporary workaround, restrict access to sensitive operations that rely on the REQUEST superglobal array to minimize the risk of exploitation.