Lucene search

K
cve[email protected]CVE-2013-3477
HistoryMay 27, 2014 - 3:00 p.m.

CVE-2013-3477

2014-05-2715:00:00
CWE-352
web.nvd.nist.gov
21
cve-2013-3477
csrf
related posts
zemanta
wordpress
vulnerability
nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%

Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin before 1.3.2 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that change settings via unknown vectors.

Affected configurations

NVD
Node
zemantarelated_postsRange1.3.1wordpress
OR
zemantarelated_postsMatch1.0wordpress
OR
zemantarelated_postsMatch1.1wordpress
OR
zemantarelated_postsMatch1.2wordpress
OR
zemantarelated_postsMatch1.3wordpress

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%