Lucene search
HistoryApr 10, 2014 - 8:29 p.m.
CVE-2013-3252
cve-2013-3252
cross-site request forgery
csrf
wp-postviews plugin
wordpress
remote attackers
authentication hijacking
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.6%
Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.
Affected configurations
Node
lesterchanwp-postviewsRange≤1.62wordpress
ORlesterchanwp-postviewsMatch1.00wordpress
ORlesterchanwp-postviewsMatch1.01wordpress
ORlesterchanwp-postviewsMatch1.02wordpress
ORlesterchanwp-postviewsMatch1.10wordpress
ORlesterchanwp-postviewsMatch1.11wordpress
ORlesterchanwp-postviewsMatch1.20wordpress
ORlesterchanwp-postviewsMatch1.30wordpress
ORlesterchanwp-postviewsMatch1.31wordpress
ORlesterchanwp-postviewsMatch1.40wordpress
ORlesterchanwp-postviewsMatch1.50wordpress
ORlesterchanwp-postviewsMatch1.60wordpress
ORlesterchanwp-postviewsMatch1.61wordpress
Related
wpvulndb
wpvulndb
WP-PostViews 1.62 - Setting Manipulation CSRF
2014-08-01 10:58:55
nvd
nvd
CVE-2013-3252
2014-04-10 20:29:20
patchstack
patchstack
WordPress WP PostViews Plugin <= 1.62 - CSRF
2013-04-22 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-04-10 20:29:00
cvelist
cvelist
CVE-2013-3252
2014-04-10 14:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.6%
Related for CVE-2013-3252