CVE-2008-0205

CVE Database · CVE-2008-0205

CVE-2008-0205

· N/AModified

CVSS v3.1

N/A

EPSS

1.88%

Published

Jan 9, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php.

Weaknesses (CWE)

CWE-79

Affected Products (1)

wordpress · math_comment_spam_protection_pluginvulnerable

References (8)

http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html

Exploit

http://securityreason.com/securityalert/3539

http://websecurity.com.ua/1576/

http://www.securityfocus.com/archive/1/485786/100/0/threaded

http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html

Exploit

http://securityreason.com/securityalert/3539

http://websecurity.com.ua/1576/

http://www.securityfocus.com/archive/1/485786/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs