Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2013-6797
HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-6797

2022-10-0316:14:52
mitre
www.cve.org
cve-2013-6797
cross-site request forgery
blue wrench video widget
wordpress
administrators
arbitrary urls
javascript file

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

JSON

Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bw_url parameter in the bw-videos page to wp-admin/admin.php, as demonstrated by embedding a URL to a JavaScript file.

Related

wpvulndb 1
cve 1
patchstack 1
nvd 1
prion 1
wpvulndb
wpvulndb
Blue Wrench Video Widget 1.0.2 - Multiple Stored Cross-Site Scripting (XSS)
2014-08-01 10:59:05
cve
cve
CVE-2013-6797
2022-10-03 16:14:52
patchstack
patchstack
WordPress Blue Wrench Video Widget Plugin - Cross Site Request Forgery
2013-11-23 00:00:00
nvd
nvd
CVE-2013-6797
2013-11-19 04:50:57
prion
prion
Cross site request forgery (csrf)
2013-11-19 04:50:00

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

JSON
Related for CVELIST:CVE-2013-6797
wpvulndb1cve1patchstack1nvd1prion1