Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-4717
HistoryJul 03, 2014 - 2:55 p.m.

CVE-2014-4717

2014-07-0314:55:09
CWE-352
[email protected]
web.nvd.nist.gov
1

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is not properly handled in the homepage, and unspecified vectors related to (2) Pages, (3) Posts, (4) Category/Archive pages or (5) post Excerpts.

Affected configurations

NVD
Node
sharethissimple_share_buttons_adderRange4.4wordpress
OR
sharethissimple_share_buttons_adderMatch1.0wordpress
OR
sharethissimple_share_buttons_adderMatch1.1wordpress
OR
sharethissimple_share_buttons_adderMatch1.2wordpress
OR
sharethissimple_share_buttons_adderMatch1.3wordpress
OR
sharethissimple_share_buttons_adderMatch1.4wordpress
OR
sharethissimple_share_buttons_adderMatch1.5wordpress
OR
sharethissimple_share_buttons_adderMatch1.6wordpress
OR
sharethissimple_share_buttons_adderMatch1.7wordpress
OR
sharethissimple_share_buttons_adderMatch1.8wordpress
OR
sharethissimple_share_buttons_adderMatch1.9wordpress
OR
sharethissimple_share_buttons_adderMatch2.0wordpress
OR
sharethissimple_share_buttons_adderMatch2.1wordpress
OR
sharethissimple_share_buttons_adderMatch2.2wordpress
OR
sharethissimple_share_buttons_adderMatch2.3wordpress
OR
sharethissimple_share_buttons_adderMatch2.4wordpress
OR
sharethissimple_share_buttons_adderMatch2.5wordpress
OR
sharethissimple_share_buttons_adderMatch2.6wordpress
OR
sharethissimple_share_buttons_adderMatch2.7wordpress
OR
sharethissimple_share_buttons_adderMatch2.8wordpress
OR
sharethissimple_share_buttons_adderMatch2.9wordpress
OR
sharethissimple_share_buttons_adderMatch3.0wordpress
OR
sharethissimple_share_buttons_adderMatch3.1wordpress
OR
sharethissimple_share_buttons_adderMatch3.2wordpress
OR
sharethissimple_share_buttons_adderMatch3.3wordpress
OR
sharethissimple_share_buttons_adderMatch3.4wordpress
OR
sharethissimple_share_buttons_adderMatch3.5wordpress
OR
sharethissimple_share_buttons_adderMatch3.6wordpress
OR
sharethissimple_share_buttons_adderMatch3.7wordpress
OR
sharethissimple_share_buttons_adderMatch3.8wordpress
OR
sharethissimple_share_buttons_adderMatch3.9wordpress
OR
sharethissimple_share_buttons_adderMatch4.0wordpress
OR
sharethissimple_share_buttons_adderMatch4.1wordpress
OR
sharethissimple_share_buttons_adderMatch4.2wordpress
OR
sharethissimple_share_buttons_adderMatch4.3wordpress

Related

wpvulndb 1
cve 1
prion 1
patchstack 1
cvelist 1
wpvulndb
wpvulndb
Simple Share Buttons Adder 4.4 - options-general.php Multiple Admin Actions CSRF
2014-06-26 00:00:00
cve
cve
CVE-2014-4717
2022-10-03 16:20:46
prion
prion
Cross site request forgery (csrf)
2014-07-03 14:55:00
patchstack
patchstack
WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities
2014-06-27 00:00:00
cvelist
cvelist
CVE-2014-4717
2022-10-03 16:20:46

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON
Related for NVD:CVE-2014-4717
wpvulndb1cve1prion1patchstack1cvelist1