CVE-2013-10025 MEDIUM

CVE-2013-10025: Exit Strategy Plugin exitpage.php exitpageadmin cross-site request forgery

Vendor N/A

Product Exit Strategy Plugin

Weakness CWE-352 · CSRF

Published April 8, 2023

Last update August 6, 2024

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in Exit Strategy Plugin 1.55 on WordPress and classified as problematic. Affected by this issue is the function exitpageadmin of the file exitpage.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.59 is able to address this issue. The patch is identified as d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. VDB-225266 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

April 8, 2023 CVE published

August 6, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2013-10025 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

CVE-2013-10025: Exit Strategy Plugin exitpage.php exitpageadmin cross-site request forgery

01Description

02Disclosure timeline

03References

04Related CVE