CVE-2013-2694

EPSS 1.99%
Veröffentlicht 28.03.2014 15:55:08
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle PSIRT-CNA@flexerasoftware.com
CVE-Watchlists
Login
Unerledigt
Login

WP Symposium <= 13.04 - Open Redirection

Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the u parameter.

Mögliche Gegenmaßnahme

WP Symposium: Update to version 13.05, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wpsymposiumpro ≫ Wp Symposium Version13.04 SwPlatformwordpress

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt WP Symposium

Version *-13.04

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.99%	0.781

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/92274

http://secunia.com/advisories/52925

Vendor Advisory

http://www.securityfocus.com/bid/59045

https://www.wordfence.com/threat-intel/vulnerabilities/id/dd4d7c44-890c-4560-b637-cdc0ca00de31

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-2694

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-2694

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-2694

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2013-2694