VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 9, 2013· Updated Apr 29, 2026

CVE-2013-3253

CVE-2013-3253

Description

Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings.

Affected products

19
  • Xhanch/My Twitter19 versions
    cpe:2.3:a:xhanch:my_twitter:2.5.8:*:*:*:*:wordpress:*:*+ 18 more
    • cpe:2.3:a:xhanch:my_twitter:2.5.8:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.5.9:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.0:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.1:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.2:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.3:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.4:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.5:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.6:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.7:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.8:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.6.9:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.0:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.1:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.2:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.3:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.4:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:2.7.5:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:xhanch:my_twitter:*:*:*:*:*:wordpress:*:*range: <=2.7.6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.