| |
Vulnerability CVE-2013-2708
Published: 2014-04-11
| Description: |
Cross-site request forgery (CSRF) vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. |
Type:
CWE-352 (Cross-Site Request Forgery (CSRF))
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.8/10 |
6.4/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://secunia.com/advisories/52949
http://osvdb.org/93871
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
