CVE-2013-2011

Опубликовано: 26 дек. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.

Ссылки

http://www.openwall.com/lists/oss-security/2013/04/25/4
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/59473
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/83800
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-2011
Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/04/25/4
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/59473
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/83800
Third Party Advisory
VDB Entry
https://security-tracker.debian.org/tracker/CVE-2013-2011
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:automattic:w3_super_cache:*:*:*:*:*:wordpress:*:*

Версия до 1.3.2 (исключая)

EPSS

Процентиль: 90%

0.05908

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-116

Связанные уязвимости

GHSA-v2r5-9cm2-xw4x

github

почти 4 года назад