CVE-2013-10030

EPSS 0.26%
Published 05.06.2023 22:15:09
Last modified 21.11.2024 01:48:42
Source cna@vuldb.com
Teams watchlist Login
Open Login

A vulnerability, which was classified as problematic, has been found in Exit Box Lite Plugin up to 1.06 on WordPress. Affected by this issue is some unknown functionality of the file wordpress-exit-box-lite.php. The manipulation leads to information disclosure. The attack may be launched remotely. Upgrading to version 1.10 is able to address this issue. The name of the patch is fad26701addb862c51baf85c6e3cc136aa79c309. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230672.

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Angrybyte ≫ Wordpress Exit Box Lite SwPlatformwordpress Version <= 1.06

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.26%	0.463

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cna@vuldb.com	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cna@vuldb.com	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://github.com/wp-plugins/wordpress-exit-box-lite/commit/fad26701addb862c51baf85c6e3cc136aa79c309

Patch

https://vuldb.com/?ctiid.230672

Third Party Advisory

Permissions Required

https://vuldb.com/?id.230672

Third Party Advisory

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2013-10030

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-10030

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-10030

EUVD