Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-2707

Опубликовано: 10 мая 2013
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:netweblogic:login_with_ajax:2.1:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.2:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:2.21:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0b:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.0b3:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.1:*:*:*:*:*:*:*
cpe:2.3:a:netweblogic:login_with_ajax:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

EPSS

Процентиль: 33%
0.00125
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

github
около 3 лет назад

Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.

EPSS

Процентиль: 33%
0.00125
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352