{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-08-09T18:00:00Z", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter"}, {"name": "53133", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/53133"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://forum.xhanch.com/index.php/topic%2C3806.0.html"}, {"name": "61629", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/61629"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2013-3253", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter", "refsource": "MISC", "url": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter"}, {"name": "53133", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/53133"}, {"name": "http://forum.xhanch.com/index.php/topic,3806.0.html", "refsource": "CONFIRM", "url": "http://forum.xhanch.com/index.php/topic,3806.0.html"}, {"name": "61629", "refsource": "BID", "url": "http://www.securityfocus.com/bid/61629"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:07:35.936Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter"}, {"name": "53133", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/53133"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://forum.xhanch.com/index.php/topic%2C3806.0.html"}, {"name": "61629", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/61629"}]}]}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2013-3253", "datePublished": "2013-08-09T18:00:00Z", "dateReserved": "2013-04-22T00:00:00Z", "dateUpdated": "2024-09-16T17:48:49.148Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xhanch:my_twitter:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "B92BC38C-AFFB-434D-B54A-B5C8B720D0AA", "versionEndIncluding": "2.7.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.5.8:*:*:*:*:wordpress:*:*", "matchCriteriaId": "D2D5844B-0842-44B7-8267-C9D7006C13AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.5.9:*:*:*:*:wordpress:*:*", "matchCriteriaId": "B28E6906-A1DC-4D54-9377-F500F6C267DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "105906BE-96CA-4B74-BD80-93B5A03524D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.1:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F05BFF03-A4D4-4844-A62D-6BB96660D3FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.2:*:*:*:*:wordpress:*:*", "matchCriteriaId": "AF5CE898-A7DE-450D-9D15-05D3EF411A33", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.3:*:*:*:*:wordpress:*:*", "matchCriteriaId": "DBCDD65A-F825-4101-B84E-3F4A49CC9E15", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.4:*:*:*:*:wordpress:*:*", "matchCriteriaId": "CFDE16CD-BF5E-473E-9CC7-E68B1CAC8B72", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.5:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1C457854-E33A-4B27-AA1E-F3992DA7D410", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.6:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4BF43995-9B39-4C7E-96C8-D88BADD7402F", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.7:*:*:*:*:wordpress:*:*", "matchCriteriaId": "C4BCE3C7-98C8-4632-8AF7-1FFDE071F068", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.8:*:*:*:*:wordpress:*:*", "matchCriteriaId": "2D6E0C59-61F9-4468-A353-643EC3FEA558", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.6.9:*:*:*:*:wordpress:*:*", "matchCriteriaId": "0972FB1C-EA6E-4E0A-9C0F-FE45D1CDEA72", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.0:*:*:*:*:wordpress:*:*", "matchCriteriaId": "452197D9-16A1-4501-B721-9D26B454E386", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.1:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4481AC64-AE87-48E2-A697-8FB599DBDED2", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.2:*:*:*:*:wordpress:*:*", "matchCriteriaId": "359EE663-E25D-40BB-9EC0-98B5D60F4F35", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.3:*:*:*:*:wordpress:*:*", "matchCriteriaId": "694FCAC7-2284-456D-B763-A0C7DD77435A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.4:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4B3AE31C-7704-4173-ABC0-E4D8EDF90898", "vulnerable": true}, {"criteria": "cpe:2.3:a:xhanch:my_twitter:2.7.5:*:*:*:*:wordpress:*:*", "matchCriteriaId": "CE69048D-0D5E-40EE-9BC8-983F28EE55C2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en admin/setting.php en el plugin Xhanch - My Twitter anterior a v2.7.7 para WordPress permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para las peticiones que cambian configuraciones sin especificar."}], "id": "CVE-2013-3253", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-08-09T20:56:07.747", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://forum.xhanch.com/index.php/topic%2C3806.0.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Exploit", "Patch"], "url": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/53133"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/61629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://forum.xhanch.com/index.php/topic%2C3806.0.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://plugins.trac.wordpress.org/changeset/750054/xhanch-my-twitter"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/53133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/61629"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}