Lucene search

[email protected]CVE-2011-4673

HistoryDec 02, 2011 - 6:55 p.m.

CVE-2011-4673

2011-12-0218:55:02

CWE-89

[email protected]

web.nvd.nist.gov

cve

2011

4673

sql injection

jetpack plugin

wordpress

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.8%

JSON

SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

automatticjetpack

AND

wordpresswordpress

CPENameOperatorVersion
automattic:jetpackautomattic jetpackeq*

CPE	Name	Operator	Version
automattic:jetpack	automattic jetpack	eq	*

References

www.exploit-db.com/exploits/18126

www.securityfocus.com/bid/50730

exchange.xforce.ibmcloud.com/vulnerabilities/71404

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.8%

JSON

Related for CVE-2011-4673

patchstack1 cvelist1 prion1 nvd1