Cross-Site Request Forgery Vulnerabilities in WP Cleanfix Plugin by WordPress
CVE-2013-2108

5.4MEDIUM

Key Information:

Vendor

Wordpress
Status
WP Cleanfix Plugin
Vendor
CVE Published:
10 February 2020

What is CVE-2013-2108?

The WP Cleanfix Plugin version 2.4.4 for WordPress suffers from a Cross-Site Request Forgery (CSRF) vulnerability that could allow unauthorized actions to be performed by an attacker on behalf of the user. This vulnerability could lead to potential exploitation if users are tricked into clicking a malicious link while logged in to their WordPress account, enabling the attacker to execute unintended commands.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WP Cleanfix Plugin 2.4.4

References

http://www.securityfocus.com/bid/59940
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84435
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/05/18/11
x_refsource_MISC

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.