ByteOS Network

CVE Vulnerability Details :

CVE-2013-4944

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-29 Jul, 2013 | 21:00

Updated At-06 Aug, 2024 | 16:59

▼CVE Numbering Authority (CNA)

Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the "Friend Connections" component is enabled, allows remote attackers to inject arbitrary web script or HTML via the friendship_request_message parameter to wp-admin/admin-ajax.php. NOTE: some of these details are obtained from third party information.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/85416	vdb-entry x_refsource_XF
http://secunia.com/advisories/54048	third-party-advisory x_refsource_SECUNIA
http://wordpress.org/plugins/buddypress-extended-friendship-request/changelog/	x_refsource_CONFIRM
http://osvdb.org/94807	vdb-entry x_refsource_OSVDB

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/85416	vdb-entry x_refsource_XF x_transferred
http://secunia.com/advisories/54048	third-party-advisory x_refsource_SECUNIA x_transferred
http://wordpress.org/plugins/buddypress-extended-friendship-request/changelog/	x_refsource_CONFIRM x_transferred
http://osvdb.org/94807	vdb-entry x_refsource_OSVDB x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References