Vulnerability Details : CVE-2013-10024
A vulnerability has been found in Exit Strategy Plugin 1.55 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the file exitpage.php. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.59 is able to address this issue. The identifier of the patch is d964b8e961b2634158719f3328f16eda16ce93ac. It is recommended to upgrade the affected component. The identifier VDB-225265 was assigned to this vulnerability.
Vulnerability category: Information leak
Products affected by CVE-2013-10024
- cpe:2.3:a:exit_strategy_project:exit_strategy:1.55:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-10024
0.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 44 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-10024
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
VulDB | |
3.5
|
LOW | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N |
2.1
|
1.4
|
VulDB | |
3.5
|
LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N |
2.1
|
1.4
|
VulDB | 2024-02-29 |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2013-10024
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: cna@vuldb.com (Primary)
References for CVE-2013-10024
-
https://vuldb.com/?ctiid.225265
Login requiredPermissions Required;Third Party Advisory
-
https://vuldb.com/?id.225265
Login requiredPermissions Required;Third Party Advisory
-
https://github.com/wp-plugins/exit-strategy/commit/d964b8e961b2634158719f3328f16eda16ce93ac
Security improvements, preventing XSS, full path disclosure, and unpr… · wp-plugins/exit-strategy@d964b8e · GitHubPatch
Jump to