Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1834

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1834
Last Modified 08 Apr 2014 10:39:44
Published 07 Apr 2014 11:55:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1834

Summary

Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php.

Vulnerable Systems

Application

  • Cms Tree Page View Project Cms Tree Page View 0.1

  • Cms Tree Page View Project Cms Tree Page View 0.1a

  • Cms Tree Page View Project Cms Tree Page View 0.2

  • Cms Tree Page View Project Cms Tree Page View 0.3

  • Cms Tree Page View Project Cms Tree Page View 0.4

  • Cms Tree Page View Project Cms Tree Page View 0.4.1

  • Cms Tree Page View Project Cms Tree Page View 0.4.2

  • Cms Tree Page View Project Cms Tree Page View 0.4.3

  • Cms Tree Page View Project Cms Tree Page View 0.4.4

  • Cms Tree Page View Project Cms Tree Page View 0.4.5

  • Cms Tree Page View Project Cms Tree Page View 0.4.6

  • Cms Tree Page View Project Cms Tree Page View 0.4.7

  • Cms Tree Page View Project Cms Tree Page View 0.4.8

  • Cms Tree Page View Project Cms Tree Page View 0.4.9

  • Cms Tree Page View Project Cms Tree Page View 0.5

  • Cms Tree Page View Project Cms Tree Page View 0.5.1

  • Cms Tree Page View Project Cms Tree Page View 0.5.2

  • Cms Tree Page View Project Cms Tree Page View 0.5.3

  • Cms Tree Page View Project Cms Tree Page View 0.5.4

  • Cms Tree Page View Project Cms Tree Page View 0.5.5

  • Cms Tree Page View Project Cms Tree Page View 0.5.6

  • Cms Tree Page View Project Cms Tree Page View 0.5.7

  • Cms Tree Page View Project Cms Tree Page View 0.6

  • Cms Tree Page View Project Cms Tree Page View 0.6.1

  • Cms Tree Page View Project Cms Tree Page View 0.6.2

  • Cms Tree Page View Project Cms Tree Page View 0.6.3

  • Cms Tree Page View Project Cms Tree Page View 0.7

  • Cms Tree Page View Project Cms Tree Page View 0.7.1

  • Cms Tree Page View Project Cms Tree Page View 0.7.10

  • Cms Tree Page View Project Cms Tree Page View 0.7.11

  • Cms Tree Page View Project Cms Tree Page View 0.7.12

  • Cms Tree Page View Project Cms Tree Page View 0.7.13

  • Cms Tree Page View Project Cms Tree Page View 0.7.14

  • Cms Tree Page View Project Cms Tree Page View 0.7.15

  • Cms Tree Page View Project Cms Tree Page View 0.7.16

  • Cms Tree Page View Project Cms Tree Page View 0.7.17

  • Cms Tree Page View Project Cms Tree Page View 0.7.18

  • Cms Tree Page View Project Cms Tree Page View 0.7.19

  • Cms Tree Page View Project Cms Tree Page View 0.7.2

  • Cms Tree Page View Project Cms Tree Page View 0.7.20

  • Cms Tree Page View Project Cms Tree Page View 0.7.3

  • Cms Tree Page View Project Cms Tree Page View 0.7.4

  • Cms Tree Page View Project Cms Tree Page View 0.7.5

  • Cms Tree Page View Project Cms Tree Page View 0.7.6

  • Cms Tree Page View Project Cms Tree Page View 0.7.7

  • Cms Tree Page View Project Cms Tree Page View 0.7.8

  • Cms Tree Page View Project Cms Tree Page View 0.7.9

  • Cms Tree Page View Project Cms Tree Page View 0.8

  • Cms Tree Page View Project Cms Tree Page View 0.8.1

  • Cms Tree Page View Project Cms Tree Page View 0.8.2

  • Cms Tree Page View Project Cms Tree Page View 0.8.3

  • Cms Tree Page View Project Cms Tree Page View 0.8.4

  • Cms Tree Page View Project Cms Tree Page View 0.8.5

  • Cms Tree Page View Project Cms Tree Page View 0.8.6

  • Cms Tree Page View Project Cms Tree Page View 0.8.7

  • Cms Tree Page View Project Cms Tree Page View 0.8.8


References

CONFIRM - http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/

CONFIRM - http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view

MISC - https://www.htbridge.com/advisory/HTB23083

XF - wordpress-cmstree-edit-xss(74337)

BID - 52708

OSVDB - 80573

SECUNIA - 48510


Last Updated: 27 May 2016 11:04:51