{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-05-14T18:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "92113", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/92113"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wordpress.org/plugins/wp125/changelog"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://plugins.trac.wordpress.org/changeset/692721"}, {"name": "52876", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/52876"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2013-2700", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92113", "refsource": "OSVDB", "url": "http://osvdb.org/92113"}, {"name": "http://wordpress.org/plugins/wp125/changelog", "refsource": "CONFIRM", "url": "http://wordpress.org/plugins/wp125/changelog"}, {"name": "https://plugins.trac.wordpress.org/changeset/692721", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/692721"}, {"name": "52876", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/52876"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:44:33.360Z"}, "title": "CVE Program Container", "references": [{"name": "92113", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/92113"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wordpress.org/plugins/wp125/changelog"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/692721"}, {"name": "52876", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/52876"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2013-2700", "datePublished": "2014-05-14T19:00:00", "dateReserved": "2013-03-26T00:00:00", "dateUpdated": "2024-08-06T15:44:33.360Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webmaster-source:wp125:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "99B9FCE8-854D-4F92-B641-6DF6D7DF646C", "versionEndIncluding": "1.4.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.0.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "86E28C01-A224-47DF-AE09-C9BF85FCE2F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.1.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "B87194DE-1CCC-4393-9B66-416CB736EB2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.2.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "A5924A67-7AC2-42D5-AA4A-7A698AB9831E", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.3.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "DCCC7E83-0ACD-4DA2-9F46-DA5C5C078095", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.3.7:*:*:*:*:wordpress:*:*", "matchCriteriaId": "FB2F4E46-7CDB-4532-8B36-320F8FE05326", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.3.8:*:*:*:*:wordpress:*:*", "matchCriteriaId": "9B98768B-2E0B-4B5E-A11A-094C03087A63", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.3.9:*:*:*:*:wordpress:*:*", "matchCriteriaId": "19FE5A81-742B-4971-A564-30D4FA13FBB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "6EEE0501-9512-4C12-BBC1-BFD0B1995DE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.1:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EDD8D26A-0B49-4A47-93DA-DFABA479273C", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.2:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4E523FF4-6768-4B7D-81BA-D71ED28B51C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.3:*:*:*:*:wordpress:*:*", "matchCriteriaId": "CDC8FBB5-8593-48BA-A002-BBD8F78392C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.4:*:*:*:*:wordpress:*:*", "matchCriteriaId": "9D43C15B-E5A4-4350-B22C-32F7838BBE32", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.5:*:*:*:*:wordpress:*:*", "matchCriteriaId": "ED92D707-457F-4000-A67E-3842C0AEEA43", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.6:*:*:*:*:wordpress:*:*", "matchCriteriaId": "E0AFBBCE-3082-4F7A-A3A1-BCE5674E939B", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.7:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4DFAF66C-7CE0-4F47-8B1D-A0F83E720EBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:webmaster-source:wp125:1.4.8:*:*:*:*:wordpress:*:*", "matchCriteriaId": "39646A91-8196-4606-BA22-0A05A1313E33", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de CSRF en la p\u00e1gina Add/Edit (adminmenus.php) en el plugin WP125 anterior a 1.5.0 para WordPress permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para solicitudes que a\u00f1aden o editan un anuncio a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-2700", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-05-14T19:55:08.873", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://osvdb.org/92113"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52876"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://wordpress.org/plugins/wp125/changelog"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Exploit", "Patch"], "url": "https://plugins.trac.wordpress.org/changeset/692721"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/92113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52876"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wordpress.org/plugins/wp125/changelog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://plugins.trac.wordpress.org/changeset/692721"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}