CVE-2013-3720

{"id": "CVE-2013-3720", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-05-31T12:20:25.877", "references": [{"url": "http://plugins.trac.wordpress.org/changeset?old_path=%2Ffeedweb&old=689612&new_path=%2Ffeedweb&new=689612", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/52855", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://wordpress.org/extend/plugins/feedweb/changelog/", "source": "cve@mitre.org"}, {"url": "http://www.darksecurity.de/advisories/2013/SSCHADV2013-004.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wp_post_id parameter."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3nd de secuencias de comandos en sitios cruzados (XSS) en widget_remove.php en el complemento Feedweb anterior a v1.9 para WordPress permite a administradores autenticados a inyectar secuencias de comandos Web o HTML a trav\u00e9s del par\u00e1metro wp_post_id."}], "lastModified": "2013-08-27T12:58:29.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:feedweb:feedweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7B59786-2A4A-49F1-87E3-B9CAEF2A2F9F", "versionEndIncluding": "1.8.8"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC5E70AA-CE60-4248-8C0B-DCF90B613375"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0003EFB-B441-4447-A266-A86F74D84A41"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C239ADFE-F698-4745-94A3-FCF6F7CA16D0"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21367004-61EE-4914-9E65-2126CB03D00B"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "989FFD38-47AE-434A-84D3-66BE3D8C24BC"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38DF5070-058A-4F6A-9E88-8A2919D8EC6F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1166CE06-0ABD-4985-83B2-247DA83334BB"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "463079FE-42E1-423F-9F57-66EA7C8AA06D"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54AAC1F4-A039-4EDA-BD2A-DCDD83920FEA"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CDF2EE3-0B1D-4AD8-9618-2050778CFD2D"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "228A383F-ECEC-4B93-9C91-B29984E3CD5F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EC4ADDC-488F-463B-A210-DE2D3DA64356"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "679FA353-FE9C-49CC-83CB-9B3C43D02691"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "344DD72D-3181-4CA5-9716-7871412B351E"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B34209CF-110C-45FA-8AD7-2FD3444BF7AD"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30B3948F-A06E-4D9A-9C23-2B5D7B612822"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F55903A-EA51-4040-A7DC-AB8B2FA49F95"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A952F9DC-4A31-481B-909D-A136E75BBDFB"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE7950A7-4DC9-4015-8CAB-A71DA54C0A19"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5620A752-6748-4370-9F49-5469C8362117"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "029FB947-1AAD-4020-A087-26F44465D8DC"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE55E5E9-E340-49B1-A2CB-83E7C3E2FFB8"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5A0F535-8AD3-4613-8FDB-39966BA3A796"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0380986C-3883-4421-8156-2C37D5EFDC44"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C76D87DE-4885-4407-B7F1-EEAF5C797B44"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6CD6592-9D62-4493-A767-3FD9A7809F3E"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4E27E8F-4561-431B-8A5F-2D45C175DBB9"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8349613A-1BE3-4A46-AA6C-C28BA6F01A17"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAC9B419-5F37-4757-830A-5410FF2CBDB1"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC45E8B9-6331-4A10-951D-AB0690C328AC"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07C50DF8-F79C-4151-A671-1B8DBAB02153"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BCE9656-145C-477E-B951-84F6F827BD8A"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D10759BF-90E3-47EF-8A2B-0E0E064B652D"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A095BE44-D925-4B71-B89B-A7B3CA37A22D"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "495AC249-C594-4D88-BDD7-352B28792EE3"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C489F67B-FA3D-4D81-B8B5-94D87100CBD0"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC1D66C0-8B7D-4FCA-B7E9-9A3408FA8D8E"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6337D578-44F3-4DC0-9340-9C8D1666A19F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D6B62A6-CAC5-482D-B211-0FF73E31911F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E969F8B-3A3F-48AC-A728-4F5980D1B7A9"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB983BAA-8C96-4E26-B855-58E4B46565CE"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA5CEA6B-A012-4737-830C-78039CDB15A4"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "739498D9-BEE7-4ECC-9191-3F0BF25BFE58"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79CDDCFC-68AC-435F-99C3-F66E08E984CB"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26407BDC-99AF-4C19-BB53-152B2EED8165"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45FF1E7D-76A4-4BA4-AECA-3C6CAC2E695C"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB4B45F5-4818-4517-8CB0-7CCE97BF79AF"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D366735E-0029-4F02-8844-2578C4CF36AF"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06B6795D-53A0-4251-9F78-107C01CC980B"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4904C1AE-697B-42C2-B051-F8ECC8FFD3DA"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "901A014E-ACBE-424F-A6B5-3AAB7BF19767"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28D5E906-487A-4856-9E28-43E162C51C02"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD18FC34-BF44-4AEE-AF6A-47BFE490AFDB"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "086ADE2D-F461-4B17-B937-100EC0B411A7"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6FA75DC-9B89-4C31-94B9-9255DBC04F7B"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEA74A0E-4B30-4113-BD44-84ADD6820199"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC284AA3-B336-494E-A031-6DB25FAEFB84"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F583F116-9A71-47B1-833F-FAA5FDB30F95"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5F62048-C4BF-48D7-88BF-6BE0F8237362"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F989E8FC-E356-40C4-81E5-09D73AD7A103"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.5.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DB8D297-288D-48B8-9847-8A7E5DE7325F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "693B7A44-2D48-4239-A6CB-EC994F84228F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47164DE1-D38E-41CC-94B4-82D15D1D4A70"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B6A2192-418E-4706-BBF9-D882514E5CC5"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5A018BC-CFAC-48CA-B18C-67AC7C9D5C88"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EEB5360-1C75-4C6F-97E5-2631FE1DDE43"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "529D9895-9C35-44D2-908A-B5E91ADE7F15"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5EC5455-BBAF-43C5-84F4-17A773DF30D2"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98C3B7E5-6912-4602-AA6E-6ADC7DDA63DD"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63A7774F-3745-49B8-BDF1-724925E1526F"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81F0FF93-ED2E-4081-97FD-C98B8254E815"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CEB3F31-F11E-4D0A-9AA0-789D2A155BD6"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC43368E-9015-480D-AF20-BB4ED4721834"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7963BAD-F8E3-4C4A-BBB2-4CAD89420A72"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5CD5C45-2791-4922-B381-5D9C0043F422"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F1E3388-87DB-4991-AD2C-E406E2628984"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "178E5EDF-FE34-4157-B49F-B9E51E742E05"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5619EF4-4BD5-4E97-B27F-0E8AF42209C1"}, {"criteria": "cpe:2.3:a:feedweb:feedweb:1.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B3B28F5-1BA5-48CA-ACB6-C3EFA495132F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}