CVE-2013-10025

Exit Strategy Plugin exitpage.php exitpageadmin cross-site request forgery

CVSS 4.3 MEDIUMEPSS 0.4%CWE-352

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

08 abr 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability was found in Exit Strategy Plugin 1.55 on WordPress and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The patch is identified as d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Produtos afetados

n/a · Exit Strategy Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/wp-plugins/exit-strategy/commit/d964b8e961b2634158719f3328f16eda16ce93ac https://vuldb.com/?ctiid.225266 https://vuldb.com/?id.225266