CVE-2013-10025

Опубликовано: 08 апр. 2023

Источник: nvd

CVSS3: 4.3

CVSS3: 8.8

CVSS2: 5

EPSS Низкий

Описание

A vulnerability was found in Exit Strategy Plugin 1.55 on WordPress and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The patch is identified as d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/wp-plugins/exit-strategy/commit/d964b8e961b2634158719f3328f16eda16ce93ac
Patch
https://vuldb.com/?ctiid.225266
Permissions Required
Third Party Advisory
https://vuldb.com/?id.225266
Third Party Advisory
https://github.com/wp-plugins/exit-strategy/commit/d964b8e961b2634158719f3328f16eda16ce93ac
Patch
https://vuldb.com/?ctiid.225266
Permissions Required
Third Party Advisory
https://vuldb.com/?id.225266
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:exit_strategy_project:exit_strategy:1.55:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 31%

0.00115

Низкий

4.3 Medium

CVSS3

8.8 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-rmp9-7hg8-mcq4

CVSS3: 8.8

github

почти 3 года назад

A vulnerability was found in Exit Strategy Plugin 1.55 and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The name of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability.

EPSS

Процентиль: 31%

0.00115

Низкий

4.3 Medium

CVSS3

8.8 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-352