Lucene search
HistoryJun 02, 2014 - 3:55 p.m.
CVE-2013-3257
cve-2013-3257
cross-site request forgery
csrf
related posts plugin
wordpress
hijack
authentication
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.
Affected configurations
Node
zemantarelated_postsRange≤2.7.1wordpress
ORzemantarelated_postsMatch1.0wordpress
ORzemantarelated_postsMatch1.1wordpress
ORzemantarelated_postsMatch1.2wordpress
ORzemantarelated_postsMatch1.3wordpress
ORzemantarelated_postsMatch1.3.1wordpress
ORzemantarelated_postsMatch1.3.2wordpress
ORzemantarelated_postsMatch1.3.3wordpress
ORzemantarelated_postsMatch1.4wordpress
ORzemantarelated_postsMatch1.5wordpress
ORzemantarelated_postsMatch1.6wordpress
ORzemantarelated_postsMatch1.7wordpress
ORzemantarelated_postsMatch1.8wordpress
ORzemantarelated_postsMatch1.8.1wordpress
ORzemantarelated_postsMatch2.3wordpress
ORzemantarelated_postsMatch2.4.1wordpress
ORzemantarelated_postsMatch2.5.1wordpress
ORzemantarelated_postsMatch2.6wordpress
ORzemantarelated_postsMatch2.7wordpress
Related
patchstack
patchstack
WordPress Related Posts Plugin <= 2.7.1 - CSRF
2013-04-22 00:00:00
cvelist
cvelist
CVE-2013-3257
2014-06-02 15:00:00
prion
prion
Cross site request forgery (csrf)
2014-06-02 15:55:00
nvd
nvd
CVE-2013-3257
2014-06-02 15:55:10
wpvulndb
wpvulndb
Related Posts 2.7.1 - Cross-Site Request Forgery
2014-08-01 10:59:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Related for CVE-2013-3257