Lucene search

MitreCVE-2011-4568

HistoryNov 29, 2011 - 11:55 a.m.

CVE-2011-4568

2011-11-2911:55:05

CWE-79

mitre

web.nvd.nist.gov

cve-2011-4568

cross-site scripting

xss

vulnerability

flowplayer plugin

wordpress

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.002

Percentile

60.2%

JSON

Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.

Affected configurations

Nvd

Node

foliovisionfv_wordpress_flowplayer_pluginRange≤1.12.11

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.12

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.13

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.14

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.15

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.16

foliovisionfv_wordpress_flowplayer_pluginMatch0.9.18

foliovisionfv_wordpress_flowplayer_pluginMatch1.0

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.1

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.2

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.3

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.4

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.5

foliovisionfv_wordpress_flowplayer_pluginMatch1.0.6

foliovisionfv_wordpress_flowplayer_pluginMatch1.1.0

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.0

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.1

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.2

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.3

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.4

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.5

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.6

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.7

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.8

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.9

foliovisionfv_wordpress_flowplayer_pluginMatch1.2.10

AND

wordpresswordpress

VendorProductVersionCPE
foliovisionfv_wordpress_flowplayer_plugin*cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:*:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.12cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.12:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.13cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.13:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.14cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.14:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.15cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.15:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.16cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.16:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin0.9.18cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.18:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin1.0cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin1.0.1cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0.1:*:*:*:*:*:*:*
foliovisionfv_wordpress_flowplayer_plugin1.0.2cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
foliovision	fv_wordpress_flowplayer_plugin	*	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin::::::::
foliovision	fv_wordpress_flowplayer_plugin	0.9.12	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.12:::::::*
foliovision	fv_wordpress_flowplayer_plugin	0.9.13	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.13:::::::*
foliovision	fv_wordpress_flowplayer_plugin	0.9.14	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.14:::::::*
foliovision	fv_wordpress_flowplayer_plugin	0.9.15	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.15:::::::*
foliovision	fv_wordpress_flowplayer_plugin	0.9.16	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.16:::::::*
foliovision	fv_wordpress_flowplayer_plugin	0.9.18	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:0.9.18:::::::*
foliovision	fv_wordpress_flowplayer_plugin	1.0	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0:::::::*
foliovision	fv_wordpress_flowplayer_plugin	1.0.1	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0.1:::::::*
foliovision	fv_wordpress_flowplayer_plugin	1.0.2	cpe:2.3:a:foliovision:fv_wordpress_flowplayer_plugin:1.0.2:::::::*

Rows per page:

1-10 of 271

References

plugins.trac.wordpress.org/changeset?reponame=&new=413607%40fv-wordpress-flowplayer&old=409594%40fv-wordpress-flowplayer

secunia.com/advisories/46346

wordpress.org/extend/plugins/fv-wordpress-flowplayer/changelog/

www.securityfocus.com/bid/50008

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.002

Percentile

60.2%

JSON

Related for CVE-2011-4568