{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-20T18:21:31.749","vulnerabilities":[{"cve":{"id":"CVE-2013-5977","sourceIdentifier":"cve@mitre.org","published":"2013-11-01T15:55:03.267","lastModified":"2026-06-16T23:59:50.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allows remote attackers to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site scripting (XSS) attacks via the (2) Product name or (3) Price description field in a product save action via a request to wp-admin/admin.php."},{"lang":"es","value":"Vulnerabilidad de Cross-site request Forgery (CSRF) en Cart66Product.php en el plugin Cart66 Lite anterior a 1.5.1.15 para WordPress que  permite a atacantes remotos secuestrar la autenticación de  administrador para solicitudes de (1) crear o modificar productos o realizar  ataques cross-site scripting (XSS)  través de la (2) nombre del producto o (3) campo de descripción de precio en una acción de guardado mediante una petición a wp-admin/admin.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:*:-:*:*:*:wordpress:*:*","versionEndIncluding":"1.5.1.14","matchCriteriaId":"68C0EF0D-C49B-4993-B35E-A7BC6EA61564"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.0.7:-:*:*:*:wordpress:*:*","matchCriteriaId":"C65804BE-3FC6-4C73-ADB0-A805D1EAE01A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.0.8:-:*:*:*:wordpress:*:*","matchCriteriaId":"371E7CC1-6859-44B4-AE99-E3190F3620B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"F697161D-2D5F-4DE7-86B5-10E597604DA8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"9557CB90-B469-4596-BA81-6F23CAD9923B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.2:-:*:*:*:wordpress:*:*","matchCriteriaId":"E8B66D0E-1A66-4643-9140-63963F569512"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.3:-:*:*:*:wordpress:*:*","matchCriteriaId":"D2FC3E76-CE79-4C5D-8E1B-87E421F68D89"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.4:-:*:*:*:wordpress:*:*","matchCriteriaId":"A6112DE0-E3FF-4290-8A9A-855415721904"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.5:-:*:*:*:wordpress:*:*","matchCriteriaId":"90119BD7-294C-402F-B331-81C181DF1A33"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.1.6:-:*:*:*:wordpress:*:*","matchCriteriaId":"E0D546F1-3604-4732-86F1-7286E48DB9A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.3.0:-:*:*:*:wordpress:*:*","matchCriteriaId":"B79ED092-6857-4775-BC6C-B16804B5D043"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.0:-:*:*:*:wordpress:*:*","matchCriteriaId":"A8BC5054-8935-4BEE-83ED-19DCF413E067"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"EE41C341-A885-4839-B7AD-897796321493"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.2:-:*:*:*:wordpress:*:*","matchCriteriaId":"F9A0B51B-9A6F-4D25-90D0-F7696B436864"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.4:-:*:*:*:wordpress:*:*","matchCriteriaId":"0599A27A-287F-4714-AF1E-A9099221E7FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.7:-:*:*:*:wordpress:*:*","matchCriteriaId":"24378CE0-5B57-4B56-A84D-3ABDCD1C7B79"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.8:-:*:*:*:wordpress:*:*","matchCriteriaId":"2BE2B92A-2025-4088-8E44-3B0C747A9496"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.4.9:-:*:*:*:wordpress:*:*","matchCriteriaId":"64922AAC-04B8-46E8-91F7-8DA882E77593"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.0:-:*:*:*:wordpress:*:*","matchCriteriaId":"BA022460-863A-4493-B3C2-BE173FE73F20"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.0.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"63EC1F83-63AE-4F00-9CB4-9097DD7496EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.0.2:-:*:*:*:wordpress:*:*","matchCriteriaId":"47B98B4F-3F30-480E-9996-F96074295205"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"F63BB3E7-6979-447D-BE4C-01F792A78D55"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.1.1:-:*:*:*:wordpress:*:*","matchCriteriaId":"44B34A11-983F-4295-B076-ADCFF8D04DE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.1.2:-:*:*:*:wordpress:*:*","matchCriteriaId":"CE42650D-B3EA-40E8-B24F-971DF4FE30B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cart66:cart66_lite_plugin:1.5.1.8:-:*:*:*:wordpress:*:*","matchCriteriaId":"83C98E5C-0795-4783-92DF-DE82678E0859"}]}]}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2013-10/0048.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://blog.noobroot.com/#%21/2013/10/0-day-wordpress-cart66-plugin-15114.html","source":"cve@mitre.org"},{"url":"http://osvdb.org/98352","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/123587/WordPress-Cart66-1.5.1.14-Cross-Site-Request-Forgery-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://seclists.org/bugtraq/2013/Oct/52","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/55265","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/plugins/cart66-lite/changelog/","source":"cve@mitre.org"},{"url":"http://www.exploit-db.com/exploits/28959","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/62975","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/87874","source":"cve@mitre.org"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2013-10/0048.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://blog.noobroot.com/#%21/2013/10/0-day-wordpress-cart66-plugin-15114.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/98352","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://packetstormsecurity.com/files/123587/WordPress-Cart66-1.5.1.14-Cross-Site-Request-Forgery-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://seclists.org/bugtraq/2013/Oct/52","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/55265","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/plugins/cart66-lite/changelog/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.exploit-db.com/exploits/28959","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.securityfocus.com/bid/62975","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/87874","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}