A vulnerability classified as problematic has been found in Atahualpa Theme on WordPress. Affected is an unknown function. The manipulation leads to cross-site request forgery. Using CWE to declare the problem leads to CWE-352. The weakness was published 03/01/2017 by Spyros Gasteratos as Cross-Site Request Forgery in Atahualpa WordPress Theme as Mailinglist Post (Full-Disclosure). The advisory is shared for download at seclists.org. This vulnerability is traded as CVE-2017-20088. It is possible to launch the attack remotely. There are no technical details available. There is no exploit available. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as not defined. As 0-day the estimated underground price was around $0-$5k. A possible mitigation has been published even before and not after the disclosure of the vulnerability.