Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2707
nvd
cve-2013-2707
cross-site request forgery
csrf
wordpress
security vulnerability
authentication hijacking
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin’s settings.
Affected configurations
Node
netweblogiclogin_with_ajaxMatch2.1
ORnetweblogiclogin_with_ajaxMatch2.1.1
ORnetweblogiclogin_with_ajaxMatch2.1.2
ORnetweblogiclogin_with_ajaxMatch2.1.3
ORnetweblogiclogin_with_ajaxMatch2.1.4
ORnetweblogiclogin_with_ajaxMatch2.1.5
ORnetweblogiclogin_with_ajaxMatch2.2
ORnetweblogiclogin_with_ajaxMatch2.21
ORnetweblogiclogin_with_ajaxMatch3.0
ORnetweblogiclogin_with_ajaxMatch3.0.1
ORnetweblogiclogin_with_ajaxMatch3.0.2
ORnetweblogiclogin_with_ajaxMatch3.0.3
ORnetweblogiclogin_with_ajaxMatch3.0.4
ORnetweblogiclogin_with_ajaxMatch3.0.4.1
ORnetweblogiclogin_with_ajaxMatch3.0b
ORnetweblogiclogin_with_ajaxMatch3.0b3
ORnetweblogiclogin_with_ajaxMatch3.1
ORnetweblogiclogin_with_ajaxMatch3.1.1
wordpresswordpressMatch-
Related
wpvulndb
wpvulndb
Login With Ajax - Cross-Site Request Forgery
2014-08-01 10:58:43
patchstack
patchstack
WordPress Login With Ajax Plugin <= 3.0 - CSRF
2013-03-26 00:00:00
nvd
nvd
CVE-2013-2707
2013-05-10 11:42:30
prion
prion
Cross site request forgery (csrf)
2013-05-10 11:42:00
cvelist
cvelist
CVE-2013-2707
2022-10-03 16:15:02
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Related for CVE-2013-2707