Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4618

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4618
Last Modified 29 Jan 2013 12:00:00
Published 23 Jan 2013 08:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4618

Summary

Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Vulnerable Systems

Application

  • Simplerealtytheme Advanced Text Widget Plugin 2.0.1


References

XF - advancedtextwidget-advancedtext-xss(71412)

BID - 50744

BUGTRAQ - 20111121 Wordpress advanced-text-widget Plugin Vulnerabilities

MLIST - [oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=

MISC - http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities

CONFIRM - http://wordpress.org/extend/plugins/advanced-text-widget/changelog/

CONFIRM - http://plugins.trac.wordpress.org/changeset?reponame=&new=466102@advanced-text-widget&old=465828@advanced-text-widget

BUGTRAQ - 20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities


Last Updated: 27 May 2016 10:49:52