Lucene search
HistoryJan 21, 2014 - 1:55 a.m.
CVE-2010-5295
cve-2010-5295
cross-site scripting
xss
wordpress
vulnerability
web script
html
delete plugin action
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
48.0%
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin’s author field, which is not properly handled during a Delete Plugin action.
Related
wpvulndb
wpvulndb
WordPress 2.0 - 3.0.1 Cross-Site Scripting (XSS) in wp-admin/plugins.php
2014-08-01 10:58:24
prion
prion
Cross site scripting
2014-01-21 01:55:00
ubuntucve
ubuntucve
CVE-2010-5295
2014-01-21 00:00:00
debiancve
debiancve
CVE-2010-5295
2014-01-21 01:55:00
patchstack
patchstack
WordPress <= 3.0.1 - XSS
2014-01-20 00:00:00
openvas
openvas
WordPress < 3.0.2 Multiple Vulnerabilities
2022-12-08 00:00:00
nessus
nessus
WordPress < 3.0.2 Multiple Vulnerabilities
2011-02-03 00:00:00
WordPress < 3.0.2 Multiple Vulnerabilities
2016-02-26 00:00:00
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
48.0%
Related for CVE-2010-5295