6.8
CVE-2013-2693
- EPSS 1.08%
- Veröffentlicht 10.04.2014 20:29:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle PSIRT-CNA@flexerasoftware.com
- CVE-Watchlists
- Unerledigt
LoginWP-Print <= 2.51 - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unspecified vectors.
Mögliche Gegenmaßnahme
WP-Print: Update to version 2.52, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Wp-plugins ≫ Wp-print SwPlatformwordpress Version <= 2.51
Wp-plugins ≫ Wp-print Version2.00 Update- SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.00 Updatea SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.01 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.02 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.03 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.04 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.05 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.06 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.10 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.11 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.20 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.30 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.31 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.40 SwPlatformwordpress
Wp-plugins ≫ Wp-print Version2.50 SwPlatformwordpress
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
WP-Print
Version
[*, 2.52)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.08% | 0.606 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
http://osvdb.org/92053
http://secunia.com/advisories/52878
http://wordpress.org/plugins/wp-print/changelog
https://www.wordfence.com/threat-intel/vulnerabilities/id/6f8945e9-51db-46aa-b198-3762b6628553