Lucene search

K
cve[email protected]CVE-2013-3257
HistoryJun 02, 2014 - 3:55 p.m.

CVE-2013-3257

2014-06-0215:55:10
CWE-352
web.nvd.nist.gov
14
cve-2013-3257
cross-site request forgery
csrf
related posts plugin
wordpress
hijack
authentication

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%

Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.

Affected configurations

NVD
Node
zemantarelated_postsRange2.7.1wordpress
OR
zemantarelated_postsMatch1.0wordpress
OR
zemantarelated_postsMatch1.1wordpress
OR
zemantarelated_postsMatch1.2wordpress
OR
zemantarelated_postsMatch1.3wordpress
OR
zemantarelated_postsMatch1.3.1wordpress
OR
zemantarelated_postsMatch1.3.2wordpress
OR
zemantarelated_postsMatch1.3.3wordpress
OR
zemantarelated_postsMatch1.4wordpress
OR
zemantarelated_postsMatch1.5wordpress
OR
zemantarelated_postsMatch1.6wordpress
OR
zemantarelated_postsMatch1.7wordpress
OR
zemantarelated_postsMatch1.8wordpress
OR
zemantarelated_postsMatch1.8.1wordpress
OR
zemantarelated_postsMatch2.3wordpress
OR
zemantarelated_postsMatch2.4.1wordpress
OR
zemantarelated_postsMatch2.5.1wordpress
OR
zemantarelated_postsMatch2.6wordpress
OR
zemantarelated_postsMatch2.7wordpress

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%