CVE-2013-0731 - OpenCVE

ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in cookie. NOTE: this is due to an incomplete fix for a similar issue that was fixed in 1.3.2.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mailup	Wp-mailup
Wordpress	Wordpress

Configuration 1 [-]

AND

OR	cpe:2.3:a:mailup:wp-mailup::::::::
	cpe:2.3:a:mailup:wp-mailup:1.0.0:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.1.0:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.1.1:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.1.2:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.1.3:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.2:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.3:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.3.1:::::::*
	cpe:2.3:a:mailup:wp-mailup:1.21:::::::*

cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/91274
http://plugins.trac.wordpress.org/changeset?new=682420
http://secunia.com/advisories/51917
http://wordpress.org/extend/plugins/wp-mailup/changelog/
http://www.securityfocus.com/bid/58467
https://exchange.xforce.ibmcloud.com/vulnerabilities/82847

History

No history.

MITRE

Status: PUBLISHED

Assigner: flexera

Published: 2013-03-22T15:00:00

Updated: 2024-08-06T14:33:05.601Z

Reserved: 2013-01-02T00:00:00

Link: CVE-2013-0731

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-03-22T15:55:01.063

Modified: 2017-08-29T01:33:08.247

Link: CVE-2013-0731

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-03-12T00:00:00", "descriptions": [{"lang": "en", "value": "ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in cookie. NOTE: this is due to an incomplete fix for a similar issue that was fixed in 1.3.2."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://plugins.trac.wordpress.org/changeset?new=682420"}, {"name": "58467", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/58467"}, {"name": "51917", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51917"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wordpress.org/extend/plugins/wp-mailup/changelog/"}, {"name": "91274", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/91274"}, {"name": "mailup-ajaxfunctions-security-bypass(82847)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82847"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2013-0731", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in cookie. NOTE: this is due to an incomplete fix for a similar issue that was fixed in 1.3.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://plugins.trac.wordpress.org/changeset?new=682420", "refsource": "MISC", "url": "http://plugins.trac.wordpress.org/changeset?new=682420"}, {"name": "58467", "refsource": "BID", "url": "http://www.securityfocus.com/bid/58467"}, {"name": "51917", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51917"}, {"name": "http://wordpress.org/extend/plugins/wp-mailup/changelog/", "refsource": "CONFIRM", "url": "http://wordpress.org/extend/plugins/wp-mailup/changelog/"}, {"name": "91274", "refsource": "OSVDB", "url": "http://osvdb.org/91274"}, {"name": "mailup-ajaxfunctions-security-bypass(82847)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82847"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.601Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://plugins.trac.wordpress.org/changeset?new=682420"}, {"name": "58467", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/58467"}, {"name": "51917", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51917"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wordpress.org/extend/plugins/wp-mailup/changelog/"}, {"name": "91274", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/91274"}, {"name": "mailup-ajaxfunctions-security-bypass(82847)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82847"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2013-0731", "datePublished": "2013-03-22T15:00:00", "dateReserved": "2013-01-02T00:00:00", "dateUpdated": "2024-08-06T14:33:05.601Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mailup:wp-mailup:*:*:*:*:*:*:*:*", "matchCriteriaId": "F57AAA05-C776-43FA-9B8E-896450DE5BBB", "versionEndIncluding": "1.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B340CF5F-EC94-4F1E-87B1-43998031DE6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9FE4AA1-06E0-47D8-8501-C58C6573E778", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5DAA7E0-A9B1-484E-95CC-509DC1DEBC65", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "05BA2D74-AD47-48A8-9331-C145344FBAAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FDA1B5EE-2C81-438E-827C-5FBB10C15BFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D3EE635-FC80-4202-AEF8-08F65DB470B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7714C1C-0C2E-4F42-A3D7-B70DD804E60C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B1A03224-76C4-40BB-B879-3EA0E9684A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailup:wp-mailup:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "D01C0A0D-EA5C-4D50-9CB0-7ABC9DD250FF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in cookie. NOTE: this is due to an incomplete fix for a similar issue that was fixed in 1.3.2."}, {"lang": "es", "value": "ajax.functions.php en el complemento MailUp anterior a v1.3.3 para WordPress no restringe correctamente el acceso a las funciones especificadas Ajax, lo que permite a atacantes remotos modificar la configuraci\u00f3n del complemento y realizar cross-site scripting (XSS) mediante el establecimiento de la cookie wordpress_logged_in. NOTA: esto se debe a una correcci\u00f3n incompleta de un problema similar que se fij\u00f3 en v1.3.2."}], "id": "CVE-2013-0731", "lastModified": "2017-08-29T01:33:08.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-22T15:55:01.063", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://osvdb.org/91274"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Exploit", "Patch"], "url": "http://plugins.trac.wordpress.org/changeset?new=682420"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51917"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://wordpress.org/extend/plugins/wp-mailup/changelog/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/58467"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82847"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}