Lucene search

[email protected]CVE-2010-4825

HistoryAug 24, 2011 - 10:55 a.m.

CVE-2010-4825

2011-08-2410:55:05

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-4825

xss

vulnerability

twitter feed

wordpress

magpie_debug.php

web script

html

nvd

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

73.7%

JSON

Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Twitter Feed plugin (wp-twitter-feed) 0.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Affected configurations

NVD

Node

pleerwp-twitter-feedMatch0.3.1

AND

wordpresswordpress

CPENameOperatorVersion
pleer:wp-twitter-feedpleer wp-twitter-feedeq0.3.1

CPE	Name	Operator	Version
pleer:wp-twitter-feed	pleer wp-twitter-feed	eq	0.3.1

References

secunia.com/advisories/42542

www.johnleitch.net/Vulnerabilities/WordPress.Twitter.Feed.0.3.1.Reflected.Cross-site.Scripting/68

www.osvdb.org/69760

www.securityfocus.com/bid/45294

exchange.xforce.ibmcloud.com/vulnerabilities/63942

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

73.7%

JSON

Related for CVE-2010-4825

cvelist1 prion1 wpvulndb1 patchstack1 openvas1 nvd1 nessus1