CVE-2013-2700

Name of the Vulnerable Software and Affected Versions WP125 plugin versions prior to 1.5.0

Description A cross-site request forgery (CSRF) issue exists in the Add/Edit page, specifically in the adminmenus.php file. This allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad.

Recommendations For WP125 plugin versions prior to 1.5.0, update to version 1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the adminmenus.php file to minimize the risk of exploitation.