Vulnerabilities > CVE-2013-1949 - HTML Injection vulnerability in Blinkwebeffects Social-Media-Widget 4.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
blinkwebeffects
wordpress

Summary

Social Media Widget (social-media-widget) plugin 4.0 for WordPress contains an externally introduced modification (Trojan Horse), which allows remote attackers to force the upload of arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Blinkwebeffects
1
Application
Wordpress
1