Lucene search
HistoryAug 08, 2013 - 8:55 p.m.
CVE-2013-3256
cve-2013-3256
csrf
shareaholic sexybookmarks
wordpress
vulnerability
nvd
security
plugin
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that “manipulate plugin settings.”
Affected configurations
Node
shareaholicsexybookmarksMatch6.1.4.0
wordpresswordpressMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| shareaholic:sexybookmarks | shareaholic sexybookmarks | eq | 6.1.4.0 |
Related
wpvulndb
wpvulndb
SexyBookmarks - Setting Manipulation CSRF
2014-08-01 10:59:02
patchstack
patchstack
WordPress Shareaholic SexyBookmarks Plugin <= 6.1.4.0 - CSRF
2013-04-22 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-08-08 20:55:00
cvelist
cvelist
CVE-2013-3256
2013-08-08 20:00:00
nvd
nvd
CVE-2013-3256
2013-08-08 20:55:07
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Related for CVE-2013-3256