- Description
- Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors.
- Source
- PSIRT-CNA@flexerasoftware.com
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-352
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linksalpha:social_sharing_toolkit_plugin:2.1.1:-:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "A03B080E-7F0D-43B4-A2FD-2E27E2EE5435"
}
],
"operator": "OR"
}
]
}
]