Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5178

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-5178
Last Modified 29 Jan 2013 12:00:00
Published 19 Dec 2012 06:55:55
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5178

Summary

Cross-site request forgery (CSRF) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that complete a purchase.

Vulnerable Systems

Application

  • Welcart Plugin 0.5

  • Welcart Plugin 0.9.1

  • Welcart Plugin 1.2.1


References

CONFIRM - http://www.welcart.com/community/archives/4524

JVNDB - JVNDB-2012-000109

JVN - JVN#53269985


Last Updated: 27 May 2016 10:55:05