CVE-2013-10029

MEDIUM

Exit Box Lite Plugin <1.10 - CSRF

Title source: llm

Description

A vulnerability classified as problematic was found in Exit Box Lite Plugin up to 1.06 on WordPress. Affected by this vulnerability is the function exitboxadmin of the file wordpress-exit-box-lite.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.10 is able to address this issue. The patch is named fad26701addb862c51baf85c6e3cc136aa79c309. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230671.

References (3)

Core 3

Core References

Permissions Required, Third Party Advisory vdb-entry technical-description

https://vuldb.com/?id.230671

Permissions Required, Third Party Advisory signature permissions-required

https://vuldb.com/?ctiid.230671

Patch patch

https://github.com/wp-plugins/wordpress-exit-box-lite/commit/fad26701addb862c51baf85c6e3cc136aa79c309

View Patch ZIP pw:eip

Scores

CVSS v3 4.3

EPSS 0.0009

EPSS Percentile 24.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-352

Status published

Products (1)

angrybte/wordpress_exit_box_lite < 1.06

Published Jun 05, 2023

Tracked Since Feb 18, 2026