Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-7233

Опубликовано: 30 дек. 2013
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
Версия до 2.0.11 (включая)
cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*

EPSS

Процентиль: 67%
0.0055
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

ubuntu логотип

CVE-2013-7233

ubuntu
больше 11 лет назад

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

debian логотип

CVE-2013-7233

debian
больше 11 лет назад

Cross-site request forgery (CSRF) vulnerability in the retrospam compo ...

github логотип

GHSA-g5w2-qwqg-v4vf

github
около 3 лет назад

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

EPSS

Процентиль: 67%
0.0055
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352