Vulnerability Details CVE-2013-0734
Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/90432
- http://osvdb.org/90433
- http://secunia.com/advisories/52167
- http://secunia.com/secunia_research/2013-3
- http://www.securityfocus.com/bid/58059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82187
- http://osvdb.org/90432
- http://osvdb.org/90433
- http://secunia.com/advisories/52167
- http://secunia.com/secunia_research/2013-3
- http://www.securityfocus.com/bid/58059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82187
Products affected by CVE-2013-0734
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.00
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.01
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.02
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.03
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.04
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.05
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.06
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.07
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.08
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.09
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.10
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.11
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.12
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.13
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.14
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.15
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.16
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.17
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.18
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.19
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.20
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.22
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.24
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.25
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.26
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.27
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.29
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.30
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.33
-
cpe:2.3:a:wordpress:wordpress:-