What is the severity of CVE-2013-2710?

CVE-2013-2710 is classified as a medium severity vulnerability due to its potential impact on WordPress administrator accounts.

How do I fix CVE-2013-2710?

To fix CVE-2013-2710, update the Contextual Related Posts plugin to version 1.8.7 or later.

Who is affected by CVE-2013-2710?

CVE-2013-2710 affects users of the Contextual Related Posts plugin versions before 1.8.7 on WordPress sites.

What type of vulnerability is CVE-2013-2710?

CVE-2013-2710 is a cross-site request forgery (CSRF) vulnerability.

What can attackers do with CVE-2013-2710?

Attackers exploiting CVE-2013-2710 can hijack the authentication of administrators to perform unauthorized actions, potentially leading to cross-site scripting (XSS) attacks.

Vulnerability/
CVE-2013-2710

medium

6.8

CWE

352 79

2/6/2014

6/8/2024

CVE-2013-2710: CSRF

First published: Mon Jun 02 2014(Updated: )

Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via unspecified vectors.

Credit: PSIRT-CNA@flexerasoftware.com

Affected Software	Affected Version	How to fix
Ajaydsouza Contextual Related Posts	<=1.8.6
Ajaydsouza Contextual Related Posts	=1.0
Ajaydsouza Contextual Related Posts	=1.1
Ajaydsouza Contextual Related Posts	=1.1.1
Ajaydsouza Contextual Related Posts	=1.2
Ajaydsouza Contextual Related Posts	=1.2.1
Ajaydsouza Contextual Related Posts	=1.2.2
Ajaydsouza Contextual Related Posts	=1.3
Ajaydsouza Contextual Related Posts	=1.3.1
Ajaydsouza Contextual Related Posts	=1.4
Ajaydsouza Contextual Related Posts	=1.4.1
Ajaydsouza Contextual Related Posts	=1.4.2
Ajaydsouza Contextual Related Posts	=1.5
Ajaydsouza Contextual Related Posts	=1.5.1
Ajaydsouza Contextual Related Posts	=1.5.2
Ajaydsouza Contextual Related Posts	=1.6
Ajaydsouza Contextual Related Posts	=1.6.1
Ajaydsouza Contextual Related Posts	=1.6.2
Ajaydsouza Contextual Related Posts	=1.6.3
Ajaydsouza Contextual Related Posts	=1.6.4
Ajaydsouza Contextual Related Posts	=1.6.5
Ajaydsouza Contextual Related Posts	=1.7
Ajaydsouza Contextual Related Posts	=1.7.1
Ajaydsouza Contextual Related Posts	=1.7.2
Ajaydsouza Contextual Related Posts	=1.7.3
Ajaydsouza Contextual Related Posts	=1.8
Ajaydsouza Contextual Related Posts	=1.8.1
Ajaydsouza Contextual Related Posts	=1.8.2
Ajaydsouza Contextual Related Posts	=1.8.3
Ajaydsouza Contextual Related Posts	=1.8.4
Ajaydsouza Contextual Related Posts	=1.8.5

Remedy

http://wordpress.org/plugins/contextual-related-posts/changelog/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2710?
CVE-2013-2710 is classified as a medium severity vulnerability due to its potential impact on WordPress administrator accounts.
How do I fix CVE-2013-2710?
To fix CVE-2013-2710, update the Contextual Related Posts plugin to version 1.8.7 or later.
Who is affected by CVE-2013-2710?
CVE-2013-2710 affects users of the Contextual Related Posts plugin versions before 1.8.7 on WordPress sites.
What type of vulnerability is CVE-2013-2710?
CVE-2013-2710 is a cross-site request forgery (CSRF) vulnerability.
What can attackers do with CVE-2013-2710?
Attackers exploiting CVE-2013-2710 can hijack the authentication of administrators to perform unauthorized actions, potentially leading to cross-site scripting (XSS) attacks.

collector/nvd-index
agent/references
agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/remedy
agent/last-modified-date
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/ajaydsouza
canonical/ajaydsouza contextual related posts
version/ajaydsouza contextual related posts/1.8.6
version/ajaydsouza contextual related posts/1.0
version/ajaydsouza contextual related posts/1.1
version/ajaydsouza contextual related posts/1.1.1
version/ajaydsouza contextual related posts/1.2
version/ajaydsouza contextual related posts/1.2.1
version/ajaydsouza contextual related posts/1.2.2
version/ajaydsouza contextual related posts/1.3
version/ajaydsouza contextual related posts/1.3.1
version/ajaydsouza contextual related posts/1.4
version/ajaydsouza contextual related posts/1.4.1
version/ajaydsouza contextual related posts/1.4.2
version/ajaydsouza contextual related posts/1.5
version/ajaydsouza contextual related posts/1.5.1
version/ajaydsouza contextual related posts/1.5.2
version/ajaydsouza contextual related posts/1.6
version/ajaydsouza contextual related posts/1.6.1
version/ajaydsouza contextual related posts/1.6.2
version/ajaydsouza contextual related posts/1.6.3
version/ajaydsouza contextual related posts/1.6.4
version/ajaydsouza contextual related posts/1.6.5
version/ajaydsouza contextual related posts/1.7
version/ajaydsouza contextual related posts/1.7.1
version/ajaydsouza contextual related posts/1.7.2
version/ajaydsouza contextual related posts/1.7.3
version/ajaydsouza contextual related posts/1.8
version/ajaydsouza contextual related posts/1.8.1
version/ajaydsouza contextual related posts/1.8.2
version/ajaydsouza contextual related posts/1.8.3
version/ajaydsouza contextual related posts/1.8.4
version/ajaydsouza contextual related posts/1.8.5

CVE-2013-2710: CSRF

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2710?

How do I fix CVE-2013-2710?

Who is affected by CVE-2013-2710?

What type of vulnerability is CVE-2013-2710?

What can attackers do with CVE-2013-2710?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-2710?

How do I fix CVE-2013-2710?

Who is affected by CVE-2013-2710?

What type of vulnerability is CVE-2013-2710?

What can attackers do with CVE-2013-2710?