Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Tipsandtricks-hq
  • Wordpress Simple Paypal Shopping Cart

Configuration 1 [-]

OR cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.2.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:1.9:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:2.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.2.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.2.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.2.9:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.3.0:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.3.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.3.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:tipsandtricks-hq:wordpress_simple_paypal_shopping_cart:3.4:*:*:*:*:wordpress:*:*
References
Link Resource
http://osvdb.org/93953
http://secunia.com/advisories/52963 Vendor Advisory
http://www.tipsandtricks-hq.com/ecommerce/wordpress-shopping-cart-change-log-319
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: flexera

Published: 2014-05-13T14:00:00

Updated: 2014-05-13T13:57:01

Reserved: 2013-03-26T00:00:00

Link: CVE-2013-2705

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2014-05-13T14:55:09.173

Modified: 2014-05-14T15:35:02.627

Link: CVE-2013-2705

JSON object: View

cve-icon Redhat Information

No data.

CWE