CVE-2013-3252

NONE EPSS 61.5%
Published Apr 10, 201412y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 10, 2014 12y ago
Last Modified Jun 16, 2026 2w ago

Description

Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.

Threat Intelligence

EPSS Exploit Probability
61.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-352 Cross-Site Request Forgery (CSRF) Authentication

Affected Products 13

VendorProductVersionRange
lesterchanwp-postviews* ≤1.62
lesterchanwp-postviews1.00any
lesterchanwp-postviews1.01any
lesterchanwp-postviews1.02any
lesterchanwp-postviews1.10any
lesterchanwp-postviews1.11any
lesterchanwp-postviews1.20any
lesterchanwp-postviews1.30any
lesterchanwp-postviews1.31any
lesterchanwp-postviews1.40any
lesterchanwp-postviews1.50any
lesterchanwp-postviews1.60any
lesterchanwp-postviews1.61any

References 3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.