PT-2013-3484 · Unknown · Social Media Widget

Kurt Seifried

Published

2013-04-25

Updated

2013-05-01

CVE-2013-1949

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Social Media Widget plugin version 4.0

Description The issue concerns an externally introduced modification, often referred to as a Trojan Horse, within the Social Media Widget plugin. This modification enables remote attackers to force the upload of arbitrary files, potentially leading to unauthorized access or malicious activities.

Recommendations For Social Media Widget plugin version 4.0, consider removing or disabling the plugin until a clean, patched version is available to prevent the upload of arbitrary files by remote attackers.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-1949

Affected Products

Social Media Widget

PT-2013-3484 · Unknown · Social Media Widget

CVE-2013-1949

Related Identifiers

Affected Products

References · 6