Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/93857 - | |
References | () http://secunia.com/advisories/52881 - Vendor Advisory | |
References | () http://wordpress.org/plugins/underconstruction/changelog - |
02 Sep 2021, 18:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:jeremy_massel:underconstruction:1.02:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.03:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.06:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.05:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.07:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.04:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:*:*:*:*:*:wordpress:*:* cpe:2.3:a:jeremy_massel:underconstruction:1.0:*:*:*:*:wordpress:*:* |
cpe:2.3:a:underconstruction_project:underconstruction:1.07:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:*:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.05:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.06:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.0:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.01:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.02:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.03:*:*:*:*:wordpress:*:* cpe:2.3:a:underconstruction_project:underconstruction:1.04:*:*:*:*:wordpress:*:* |
Information
Published : 2014-04-10 20:29
Updated : 2024-11-21 01:52
NVD link : CVE-2013-2699
Mitre link : CVE-2013-2699
CVE.ORG link : CVE-2013-2699
JSON object : View
Products Affected
underconstruction_project
- underconstruction
CWE
CWE-352
Cross-Site Request Forgery (CSRF)