Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2709
cve-2013-2709
cross-site request forgery
csrf vulnerability
foursquare checkins plugin
wordpress
remote attackers
authentication hijacking
xss sequences
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.7%
Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Affected configurations
Node
crunchifyfoursquare-checkinsRange≤1.2
ORcrunchifyfoursquare-checkinsMatch1.0
ORcrunchifyfoursquare-checkinsMatch1.1
wordpresswordpressMatch-
Related
cvelist
cvelist
CVE-2013-2709
2022-10-03 16:15:01
nvd
nvd
CVE-2013-2709
2013-04-26 11:41:57
prion
prion
Cross site request forgery (csrf)
2013-04-26 11:41:00
wpvulndb
wpvulndb
foursquare-checkins - CSRF
2014-08-01 10:58:59
patchstack
patchstack
WordPress Checkins Plugin <= 1.2 - CSRF
2013-03-26 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.7%
Related for CVE-2013-2709