Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings.Referenceshttp://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitterhttp://secunia.com/advisories/53133http://forum.xhanch.com/index.php/topic%2C3806.0.htmlhttp://www.securityfocus.com/bid/61629
