CVE-2013-0736

Опубликовано: 09 окт. 2013

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in the Mingle Forum plugin 1.0.34 and possibly earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) modify user privileges or (2) conduct cross-site scripting (XSS) attacks via unspecified vectors.

Ссылки

http://osvdb.org/96905
http://secunia.com/advisories/47687
Vendor Advisory
http://secunia.com/secunia_research/2013-6
Vendor Advisory
http://www.securityfocus.com/bid/62133
http://osvdb.org/96905
http://secunia.com/advisories/47687
Vendor Advisory
http://secunia.com/secunia_research/2013-6
Vendor Advisory
http://www.securityfocus.com/bid/62133

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cartpauj:mingle-forum:*:*:*:*:*:*:*:*

Версия до 1.0.34 (включая)

cpe:2.3:a:cartpauj:mingle-forum:1.0.00:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.01:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.02:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.03:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.04:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.05:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.06:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.07:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.08:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.09:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.22:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.24:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.25:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.26:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.27:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.28:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.29:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.30:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.31:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.32:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.32.1:*:*:*:*:*:*:*

cpe:2.3:a:cartpauj:mingle-forum:1.0.33:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00187

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-8rpm-fcr4-3p6p

github

около 3 лет назад