Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4263

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4263
Last Modified 14 Aug 2012 12:00:00
Published 13 Aug 2012 06:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4263

Summary

Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.

Vulnerable Systems

Application

  • Bit51 Better-wp-security -

  • Bit51 Better-wp-security 0.1

  • Bit51 Better-wp-security 0.10

  • Bit51 Better-wp-security 0.11

  • Bit51 Better-wp-security 0.13

  • Bit51 Better-wp-security 0.14

  • Bit51 Better-wp-security 0.15

  • Bit51 Better-wp-security 0.16

  • Bit51 Better-wp-security 0.2

  • Bit51 Better-wp-security 0.3

  • Bit51 Better-wp-security 0.4

  • Bit51 Better-wp-security 0.5

  • Bit51 Better-wp-security 0.6

  • Bit51 Better-wp-security 0.7

  • Bit51 Better-wp-security 0.8

  • Bit51 Better-wp-security 0.9

  • Bit51 Better-wp-security 1.0

  • Bit51 Better-wp-security 1.1

  • Bit51 Better-wp-security 1.2

  • Bit51 Better-wp-security 1.3

  • Bit51 Better-wp-security 1.4

  • Bit51 Better-wp-security 1.5

  • Bit51 Better-wp-security 1.6

  • Bit51 Better-wp-security 1.7

  • Bit51 Better-wp-security 1.8

  • Bit51 Better-wp-security 1.8.1

  • Bit51 Better-wp-security 1.9

  • Bit51 Better-wp-security 2.0

  • Bit51 Better-wp-security 2.1

  • Bit51 Better-wp-security 2.10

  • Bit51 Better-wp-security 2.11

  • Bit51 Better-wp-security 2.12

  • Bit51 Better-wp-security 2.13

  • Bit51 Better-wp-security 2.14

  • Bit51 Better-wp-security 2.15

  • Bit51 Better-wp-security 2.16

  • Bit51 Better-wp-security 2.17

  • Bit51 Better-wp-security 2.18

  • Bit51 Better-wp-security 2.2

  • Bit51 Better-wp-security 2.3

  • Bit51 Better-wp-security 2.4

  • Bit51 Better-wp-security 2.5

  • Bit51 Better-wp-security 2.6

  • Bit51 Better-wp-security 2.7

  • Bit51 Better-wp-security 2.8

  • Bit51 Better-wp-security 2.9

  • Bit51 Better-wp-security 3.0

  • Bit51 Better-wp-security 3.0.1

  • Bit51 Better-wp-security 3.0.10

  • Bit51 Better-wp-security 3.0.11

  • Bit51 Better-wp-security 3.0.12

  • Bit51 Better-wp-security 3.0.2

  • Bit51 Better-wp-security 3.0.3

  • Bit51 Better-wp-security 3.0.4

  • Bit51 Better-wp-security 3.0.5

  • Bit51 Better-wp-security 3.0.6

  • Bit51 Better-wp-security 3.0.7

  • Bit51 Better-wp-security 3.0.8

  • Bit51 Better-wp-security 3.0.9

  • Bit51 Better-wp-security 3.1

  • Bit51 Better-wp-security 3.2

  • Bit51 Better-wp-security 3.2.1

  • Bit51 Better-wp-security 3.2.2

  • Bit51 Better-wp-security 3.2.3

  • Bit51 Better-wp-security 3.2.4

  • Bit51 Better-wp-security 3.2.5


References

XF - betterwpsecurity-admin-xss(75523)

BID - 53480

CONFIRM - http://plugins.trac.wordpress.org/changeset?old_path=%2Fbetter-wp-security&old=542852&new_path=%2Fbetter-wp-security&new=542852

MISC - http://packetstormsecurity.org/files/112617/WordPress-Better-WP-Security-Cross-Site-Scripting.html

CONFIRM - http://bit51.com/software/better-wp-security/changelog/


Last Updated: 27 May 2016 10:51:40