Lucene search
FlexeraCVE-2013-3477HistoryMay 27, 2014 - 3:00 p.m.
CVE-2013-3477
2014-05-2715:00:00
CWE-352
flexera
web.nvd.nist.gov
23
cve-2013-3477
csrf
related posts
zemanta
wordpress
vulnerability
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.002
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin before 1.3.2 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that change settings via unknown vectors.
Affected configurations
Node
zemantarelated_postsRange≤1.3.1wordpress
ORzemantarelated_postsMatch1.0wordpress
ORzemantarelated_postsMatch1.1wordpress
ORzemantarelated_postsMatch1.2wordpress
ORzemantarelated_postsMatch1.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zemanta | related_posts | * | cpe:2.3:a:zemanta:related_posts:*:*:*:*:*:wordpress:*:* |
| zemanta | related_posts | 1.0 | cpe:2.3:a:zemanta:related_posts:1.0:*:*:*:*:wordpress:*:* |
| zemanta | related_posts | 1.1 | cpe:2.3:a:zemanta:related_posts:1.1:*:*:*:*:wordpress:*:* |
| zemanta | related_posts | 1.2 | cpe:2.3:a:zemanta:related_posts:1.2:*:*:*:*:wordpress:*:* |
| zemanta | related_posts | 1.3 | cpe:2.3:a:zemanta:related_posts:1.3:*:*:*:*:wordpress:*:* |
Related
wpvulndb
wpvulndb
Related Posts by Zemanta 1.3.1 - Cross-Site Request Forgery
2014-08-01 10:59:00
patchstack
patchstack
WordPress Related Posts Plugin <= 1.3.1 - CSRF
2013-05-07 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-05-27 14:55:00
nvd
nvd
CVE-2013-3477
2014-05-27 14:55:10
cvelist
cvelist
CVE-2013-3477
2014-05-27 15:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.002
Percentile
52.7%
Related for CVE-2013-3477