CVE-2013-2696

Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:crunchify:all-in-on-webmaster:8.2:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:8.1:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:7.7.7:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:*:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:crunchify:all-in-on-webmaster:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

Information

Published : 2013-04-25 13:55

Updated : 2013-10-07 10:48


NVD link : CVE-2013-2696

Mitre link : CVE-2013-2696


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

crunchify

  • all-in-on-webmaster

wordpress

  • wordpress