CVE-2013-6342
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
22/11/2013
Last modified:
11/04/2025
Description
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:tweet-blender:tweet-blender:*:-:-:*:-:wordpress:*:* | 4.0.1 (including) | |
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.0:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.1:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.2:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.3:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.4:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.0.5:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.1.0:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.1.1:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.2.0:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.2.1:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.2.2:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.2.3:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.3.0:-:-:*:-:wordpress:*:* | ||
| cpe:2.3:a:tweet-blender:tweet-blender:2.4.0:-:-:*:-:wordpress:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2013-11/0072.html
- http://secunia.com/advisories/55780
- http://wordpress.org/plugins/tweet-blender/changelog
- https://www.htbridge.com/advisory/HTB23180
- http://archives.neohapsis.com/archives/bugtraq/2013-11/0072.html
- http://secunia.com/advisories/55780
- http://wordpress.org/plugins/tweet-blender/changelog
- https://www.htbridge.com/advisory/HTB23180