Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bufferapp | Digg Digg | <= 5.3.4 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/53120
- http://wordpress.org/plugins/digg-digg/changelog/Patch
- http://www.securityfocus.com/bid/60046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84418
- http://secunia.com/advisories/53120
- http://wordpress.org/plugins/digg-digg/changelog/Patch
- http://www.securityfocus.com/bid/60046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84418
FAQ
What is CVE-2013-3258?
CVE-2013-3258 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via un...
How severe is CVE-2013-3258?
CVE-2013-3258 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3258?
Check the references section above for vendor advisories and patch information. Affected products include: Bufferapp Digg Digg.