WordPress Shareaholic SexyBookmarks Plugin <= 6.1.4.0 - CSRF

2013-04-2200:00:00

Charlie Eriksen

patchstack.com

0.002 Low

EPSS

Percentile

52.7%

Because of this vulnerability, the attackers can hijack the authentication of users for requests that “manipulate plugin settings.”

Solution

           Update the plugin.

CPENameOperatorVersion
shareaholic sexybookmarksle6.1.4.0

CPE	Name	Operator	Version
	shareaholic sexybookmarks	le	6.1.4.0

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3256

0.002 Low

EPSS

Percentile

52.7%

Related for PATCHSTACK:07E5832C0DEBA7DD62AE31AE193F5338