Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2013-0734

CVE information

Published

8 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php..

CVSSv2.0 Score

Severity
Medium
Base Score
4.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:cartpauj:mingle-forum:1.0.03:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.06:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.30:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.19:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.24:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.15:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.22:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.26:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.12:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.04:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.18:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.17:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.10:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.09:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.01:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.08:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.25:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.20:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.11:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.29:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.02:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.27:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.14:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.13:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.05:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.16:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.07:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.00:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
  No
-