Lucene search

[email protected]CVE-2013-3491

HistoryJul 16, 2013 - 2:08 p.m.

CVE-2013-3491

2013-07-1614:08:50

CWE-352

[email protected]

web.nvd.nist.gov

sharebar

wordpress

csrf

xss

vulnerability

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.9%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the Sharebar plugin 1.2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) modify buttons, or (3) insert cross-site scripting (XSS) sequences.

Affected configurations

NVD

Node

mdolonsharebarMatch1.2.5

AND

wordpresswordpressMatch-

CPENameOperatorVersion
mdolon:sharebarmdolon sharebareq1.2.5

CPE	Name	Operator	Version
mdolon:sharebar	mdolon sharebar	eq	1.2.5

References

secunia.com/advisories/52948

www.securityfocus.com/bid/60956

exchange.xforce.ibmcloud.com/vulnerabilities/85438

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.9%

JSON

Related for CVE-2013-3491

wpvulndb1 prion2 nvd2 patchstack1 cvelist2 cve1