CVE-2013-6342

{"id": "CVE-2013-6342", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-11-22T20:55:10.820", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0072.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/55780", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://wordpress.org/plugins/tweet-blender/changelog", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://www.htbridge.com/advisory/HTB23180", "tags": ["Exploit"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php."}, {"lang": "es", "value": "Vulnerabilidad de XSS en el plugin Tweet Blender anterior a la versi\u00f3n 4.0.2 para WordPress permite a atacantes remotos inyectar script web o HTML arbitrario a trav\u00e9s del par\u00e1metro tb_tab_index a wp-admin/options-general.php."}], "lastModified": "2013-11-25T15:20:22.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:*:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "BBEC1823-24AF-484B-868C-04742AF4A161", "versionEndIncluding": "4.0.1"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "C510C1BC-DF71-4928-980B-E8A142093523"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "3F6A173E-1F8A-476B-BCE7-601309F46226"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "927B19CB-E68D-44F7-B82E-7FE34B11018F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "BFE5988D-21E2-4E37-9539-CEF493075423"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "FB6BB4CD-54AD-4568-AA32-93DE6A61789B"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.0.5:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "F34C3BE3-029A-416D-B880-F3845CA5BB34"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.1.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "9A3EE4B5-013D-4990-8E8B-B423B6B9FB2D"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.1.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E7F23403-DD7C-48FC-BD10-5ADCC7EF16F1"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.2.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "6893CB58-A4B2-45E6-AADA-8F1DA53CF5F7"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.2.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "66488BF1-696A-4AA5-A402-459A621D5E23"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.2.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "7E88B818-47A5-4B20-A1B6-97827B28E293"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.2.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "ED979C50-4393-4D3B-A2D8-E0BD641B0E4F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.3.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4E7B1662-C085-49FA-844D-12AE6DDD7E1E"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "7E02415B-E23B-43BB-9B6F-0E5EB8282FE6"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "FD1D8E89-3696-4390-B994-ABC29DF6D602"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4D4C8CC1-5784-4D08-8CB3-1E9F4D9B5CA5"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E86E9834-B219-4604-8400-D7D9B4E05FE7"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "004ADF41-87D0-47A1-9743-993284160FE2"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.5:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2D0813CB-C2A1-4F2B-A723-003121F87061"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.6:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "26B9FF7C-D6AD-4E11-8081-5C44E88B4210"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:2.4.7:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "9D1E807F-01AA-4B1D-9872-80FBD2307AB4"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "631E7074-50D4-4445-9E92-BDB8AD75A6B7"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4888068F-9EAB-431F-B94D-B5ABCF7797CA"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2C3E0F2B-2A45-482B-92FD-EA66A7F87AD5"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "EF71BC24-0DB3-4E5B-81D9-7270DAD9E41D"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "45BB73CB-4ACD-47C6-B6CA-54CE6F786E42"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.5:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "D1F6D6BD-3B20-4D12-B3BA-03896BB765E9"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.6:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "8BF8793A-E826-44CD-B2E8-1ABC3781AC6F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.7:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "AE7AA69C-1737-4FE8-9858-EF3CA060C0DF"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.0.8:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "53516032-9B53-4C16-89A2-E58655956A5D"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "835657CB-EB8A-47E1-85EF-CBAE2CAEA650"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "BB0E32E6-3DFD-4975-AF0D-A069B23006DA"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E73D4120-5E3E-45DF-A4B0-C2AC261C17F6"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "7C0DAC73-7AB0-4A1D-9EC8-B1697046D7FD"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "6E95A44D-889B-4ADE-B3FA-6AE4A55A69DC"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.5:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "DB18A84D-4DC7-4B92-85C4-4F7953EB4CDE"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.6:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1492E622-4359-4B1A-BB94-C63EFAF33C69"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.7:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "663D9C6E-1371-4A63-AC3A-AA4751AE05CC"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.8:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "B75C5789-4E79-4B56-8925-DD7E9238ED7B"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.9:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "67AE7015-789C-4670-ABDB-DBAF96C3AE65"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.10:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "8788DF91-1BE8-4F7B-8D48-18C7667FCDC7"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.11:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2A461C90-A65B-40BB-8C1F-6A4ADCEB9FED"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.12:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "8211BD51-6BB1-455B-BACA-B851EF57BE9F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.13:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "82349B9B-B639-4624-B771-2FC1DB3EFB5F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.14:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "670D0719-C8FD-4258-A8BD-9CFA0F531315"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.15:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1FB83728-07CA-4C03-8A6B-7EE0AE4077A3"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.16:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "CAFF6AC7-232E-4D94-88F9-CB362DDDA4A2"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.17:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "0A90D202-5A0F-4F53-9656-12BF466466A5"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.1.18:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "AC5359D8-6EA3-44A1-89BA-A11C14C4BEC8"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.2.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "F1F540AD-86DA-4301-86D2-9783CC9AD47E"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.2.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1C9BC385-01B6-4BAA-AA06-7502203C6B1E"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.2.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "71FC87BD-B26E-46B6-956D-D78E87146CBC"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.2.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "6F2A476C-CB0C-45CE-9C98-F4DAD0BC6541"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.2.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "54CDA5CF-8475-45B0-8904-D16D497FB39F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "B5A45D8E-463F-4B5B-8548-38BEB8162A3C"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.1:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "B46C1ED3-5743-438D-8DB1-20AFC329D8B9"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.2:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "9362734C-5132-4716-82B6-E49F0D4F2755"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.3:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "6209263D-41F2-4814-9733-74A009D9D9CB"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.4:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "97438152-4CC3-4F9C-A19D-514B4552ADE4"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.5:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "B0D1ECEE-3452-473F-BE31-0AB459857428"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.6:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "DAA33A03-943B-4EF7-8BD1-98217D04B515"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.7:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "42CB7AF4-D7D1-42E0-B631-E917EC1E0386"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.8:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1E1BC53E-D963-4533-958C-AAD9F1688720"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.9:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "E294CCEF-6557-4EE2-B144-A151512B685F"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.10:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1FDE4239-7235-4CD5-A009-12BD5B8FE992"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.11:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2C69C260-D35C-4603-989C-A46735371881"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.12:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "0D1EF902-9F53-4297-86AB-7D35A783D80A"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.13:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "948EC47C-1B15-472C-B70F-90C1D16506FC"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.14:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "903BC096-396D-43CF-8AE1-B6897FE836EE"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:3.3.15:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "58448DE1-5D6F-48EF-B4C6-8F94D2F49850"}, {"criteria": "cpe:2.3:a:tweet-blender:tweet-blender:4.0.0:-:-:*:-:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "EAB94D8A-479B-4149-BC2D-729437423BFF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}