CVE-2013-7233

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and…

mitre·CWE-352·Published 2013-12-30

CVSS

—

EPSS

0.04

KEV

Exploits

cve.orgen

268 chars

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

NVDen

268 chars

NVDes

295 chars

V ulnerabilidad Cross-site request forgery (CSRF) en el componente retrospam en wp-admin/options-discussion.php en WordPress 2.0.11 y anteriores permite a atacantes remotos secuestrar la autenticación de los administradores de las solicitudes que mueven comentarios a la moderación de la lista.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P