============================================================
Vulnerable Software: WordPress (Version 3.4.2)
Downloaded from: http://wordpress.org/latest.zip
MD5SUM: (d670508d81e2fd060c2041441bc03300 *wordpress-3.4.2.zip)
===========================================================
Tested:
*php.ini MAGIC_QUOTES_GPC OFF*
Safe mode off
/*
OS: Windows XP SP2 (32 bit)
Apache: 2.2.21.0
PHP Version: 5.2.17.17
MYSQL: 5.5.27
===========================================================
Vuln Desc:
WordPress Version 3.4.2 is vulnerable to Cross-Site Request Forgery (CSRF).
The following CSRF exploit will change the RSS link if the currently logged-in administrator visits a malicious page which contains the exploit below.
============================================================
Proof Of Concept
==================WORDPRESS 3.4.2 CSRF exploit=================

How Many Girls You Have? xD))

====================END OF=================================
SHOUTZ AND GREAT THANKS TO ALL MY FRIENDS:
===========================================================
packetstormsecurity.org
packetstormsecurity.com
packetstormsecurity.net
securityfocus.com
cxsecurity.com
security.nnov.ru
securtiyvulns.com
securitylab.ru
secunia.com
securityhome.eu
exploitsdownload.com
exploit-db.com
to all Aa Team + to all Azerbaijan Black HatZ
+ *Especially to my bro CAMOUFL4G3.*
===========================================================
/AkaStep
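
Added example, not part of the original advisory and not WordPress code: a generic model of the server-side check that stops the kind of forged RSS-link change described under "Vuln Desc", where the browser's session cookie alone must not authorize the request. The handler name, action names, form fields, key and sample values are all hypothetical or constructed.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed; use a random server-side secret in practice
LIFETIME = 24 * 3600              # assumed token lifetime in seconds

def _mac(session_id, action, tick):
    msg = f"{tick}|{action}|{session_id}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def make_token(session_id, action, now):
    """Token bound to one session, one action and the current half-lifetime window."""
    return _mac(session_id, action, int(now // (LIFETIME // 2)))

def token_valid(token, session_id, action, now):
    """Accept only the current or previous window; digests compared in constant time."""
    tick = int(now // (LIFETIME // 2))
    supplied = (token or "").encode()
    macs = (_mac(session_id, action, tick - age).encode() for age in (0, 1))
    return any(hmac.compare_digest(m, supplied) for m in macs)

def handle_update_rss(request, session, settings, now):
    """Hypothetical state-changing handler: POST only, and the body must carry the token."""
    if request.get("method") != "POST":
        return 405
    form = request.get("form", {})
    if not token_valid(form.get("csrf_token"), session["id"], "update-rss-link", now):
        return 403  # a cross-site forged request ends here: it cannot know the token
    settings["rss_link"] = form["rss_link"]
    return 200

def demo():
    now = 1_700_000_000                  # constructed timestamp
    session = {"id": "sess-admin-1"}     # constructed session id
    settings = {"rss_link": "https://example.org/feed"}
    good = make_token(session["id"], "update-rss-link", now)
    other = make_token(session["id"], "delete-post", now)
    def post(link, token, at):
        form = {"rss_link": link, "csrf_token": token}
        return handle_update_rss({"method": "POST", "form": form}, session, settings, at)
    return {
        "forged_no_token": post("https://evil.example/feed", None, now),
        "token_for_other_action": post("https://evil.example/feed", other, now),
        "expired_token": post("https://evil.example/feed", good, now + 2 * LIFETIME),
        "legitimate": post("https://example.org/new-feed", good, now + 60),
        "final_link": settings["rss_link"],
    }
```

Calling `demo()` returns the status code for each request and the stored link afterwards; only the request carrying a fresh token issued for this session and this action changes the setting.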