Lucene search
FlexeraCVE-2013-3258HistoryJun 02, 2014 - 3:55 p.m.
CVE-2013-3258
2014-06-0215:55:10
CWE-352
flexera
web.nvd.nist.gov
22
cve-2013-3258
cross-site request forgery
csrf
digg digg plugin
wordpress
authentication hijacking
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.
Affected configurations
Node
bufferappdigg_diggRange≤5.3.4wordpress
ORbufferappdigg_diggMatch5.0wordpress
ORbufferappdigg_diggMatch5.0.1wordpress
ORbufferappdigg_diggMatch5.0.2wordpress
ORbufferappdigg_diggMatch5.0.3wordpress
ORbufferappdigg_diggMatch5.0.4wordpress
ORbufferappdigg_diggMatch5.0.5wordpress
ORbufferappdigg_diggMatch5.1wordpress
ORbufferappdigg_diggMatch5.1.1wordpress
ORbufferappdigg_diggMatch5.1.2wordpress
ORbufferappdigg_diggMatch5.2wordpress
ORbufferappdigg_diggMatch5.2.1wordpress
ORbufferappdigg_diggMatch5.2.2wordpress
ORbufferappdigg_diggMatch5.2.3wordpress
ORbufferappdigg_diggMatch5.2.4wordpress
ORbufferappdigg_diggMatch5.2.5wordpress
ORbufferappdigg_diggMatch5.2.6wordpress
ORbufferappdigg_diggMatch5.2.7wordpress
ORbufferappdigg_diggMatch5.2.8wordpress
ORbufferappdigg_diggMatch5.2.9wordpress
ORbufferappdigg_diggMatch5.3.0wordpress
ORbufferappdigg_diggMatch5.3.1wordpress
ORbufferappdigg_diggMatch5.3.2wordpress
ORbufferappdigg_diggMatch5.3.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bufferapp | digg_digg | * | cpe:2.3:a:bufferapp:digg_digg:*:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0 | cpe:2.3:a:bufferapp:digg_digg:5.0:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0.1 | cpe:2.3:a:bufferapp:digg_digg:5.0.1:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0.2 | cpe:2.3:a:bufferapp:digg_digg:5.0.2:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0.3 | cpe:2.3:a:bufferapp:digg_digg:5.0.3:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0.4 | cpe:2.3:a:bufferapp:digg_digg:5.0.4:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.0.5 | cpe:2.3:a:bufferapp:digg_digg:5.0.5:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.1 | cpe:2.3:a:bufferapp:digg_digg:5.1:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.1.1 | cpe:2.3:a:bufferapp:digg_digg:5.1.1:*:*:*:*:wordpress:*:* |
| bufferapp | digg_digg | 5.1.2 | cpe:2.3:a:bufferapp:digg_digg:5.1.2:*:*:*:*:wordpress:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2014-06-02 15:55:00
wpvulndb
wpvulndb
Digg Digg 5.3.4 - Setting Manipulation CSRF
2014-08-01 10:59:00
patchstack
patchstack
WordPress Digg Digg Plugin <= 5.3.4 - CSRF
2013-04-22 00:00:00
nvd
nvd
CVE-2013-3258
2014-06-02 15:55:10
cvelist
cvelist
CVE-2013-3258
2014-06-02 15:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Related for CVE-2013-3258