Lucene search

[email protected]CVE-2011-5128

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5128

2022-10-0316:15:12

CWE-79

[email protected]

web.nvd.nist.gov

cve

2011

5128

adminimize

plugin

wordpress

xss

vulnerabilities

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.018 Low

EPSS

Percentile

88.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3) inc-options/im_export_options.php, or the (4) post or (5) post_ID parameters to adminimize.php, different vectors than CVE-2011-4926.

Affected configurations

NVD

Node

bueltgeadminimizeRange≤1.7.21

bueltgeadminimizeMatch0.6.9

bueltgeadminimizeMatch0.7

bueltgeadminimizeMatch0.7.1

bueltgeadminimizeMatch0.7.2

bueltgeadminimizeMatch0.7.3

bueltgeadminimizeMatch0.7.5

bueltgeadminimizeMatch0.7.6

bueltgeadminimizeMatch0.7.7

bueltgeadminimizeMatch0.7.8

bueltgeadminimizeMatch0.7.9

bueltgeadminimizeMatch0.8

bueltgeadminimizeMatch0.8.1

bueltgeadminimizeMatch1.0

bueltgeadminimizeMatch1.1

bueltgeadminimizeMatch1.2

bueltgeadminimizeMatch1.3

bueltgeadminimizeMatch1.4

bueltgeadminimizeMatch1.4.1

bueltgeadminimizeMatch1.4.2

bueltgeadminimizeMatch1.4.3-6

bueltgeadminimizeMatch1.4.7

bueltgeadminimizeMatch1.5

bueltgeadminimizeMatch1.5.1

bueltgeadminimizeMatch1.5.2

bueltgeadminimizeMatch1.5.3-8

bueltgeadminimizeMatch1.6.1

bueltgeadminimizeMatch1.6.3

bueltgeadminimizeMatch1.6.4

bueltgeadminimizeMatch1.6.5

bueltgeadminimizeMatch1.6.6-7

bueltgeadminimizeMatch1.6.8

bueltgeadminimizeMatch1.6.9

bueltgeadminimizeMatch1.7

bueltgeadminimizeMatch1.7.1

bueltgeadminimizeMatch1.7.2

bueltgeadminimizeMatch1.7.3

bueltgeadminimizeMatch1.7.4

bueltgeadminimizeMatch1.7.5

bueltgeadminimizeMatch1.7.6

bueltgeadminimizeMatch1.7.7

bueltgeadminimizeMatch1.7.8

bueltgeadminimizeMatch1.7.9

bueltgeadminimizeMatch1.7.10

bueltgeadminimizeMatch1.7.11

bueltgeadminimizeMatch1.7.12

bueltgeadminimizeMatch1.7.13

bueltgeadminimizeMatch1.7.14

bueltgeadminimizeMatch1.7.15

bueltgeadminimizeMatch1.7.16

bueltgeadminimizeMatch1.7.17

bueltgeadminimizeMatch1.7.18

bueltgeadminimizeMatch1.7.19

bueltgeadminimizeMatch1.7.20

AND

wordpresswordpressMatch-

CPENameOperatorVersion
bueltge:adminimizebueltge adminimizele1.7.21
bueltge:adminimizebueltge adminimizeeq0.6.9
bueltge:adminimizebueltge adminimizeeq0.7
bueltge:adminimizebueltge adminimizeeq0.7.1
bueltge:adminimizebueltge adminimizeeq0.7.2
bueltge:adminimizebueltge adminimizeeq0.7.3
bueltge:adminimizebueltge adminimizeeq0.7.5
bueltge:adminimizebueltge adminimizeeq0.7.6
bueltge:adminimizebueltge adminimizeeq0.7.7
bueltge:adminimizebueltge adminimizeeq0.7.8

CPE	Name	Operator	Version
bueltge:adminimize	bueltge adminimize	le	1.7.21
bueltge:adminimize	bueltge adminimize	eq	0.6.9
bueltge:adminimize	bueltge adminimize	eq	0.7
bueltge:adminimize	bueltge adminimize	eq	0.7.1
bueltge:adminimize	bueltge adminimize	eq	0.7.2
bueltge:adminimize	bueltge adminimize	eq	0.7.3
bueltge:adminimize	bueltge adminimize	eq	0.7.5
bueltge:adminimize	bueltge adminimize	eq	0.7.6
bueltge:adminimize	bueltge adminimize	eq	0.7.7
bueltge:adminimize	bueltge adminimize	eq	0.7.8