Lucene search

[email protected]CVE-2012-0895

HistoryJan 20, 2012 - 5:55 p.m.

CVE-2012-0895

2012-01-2017:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-0895

xss

vulnerability

map.php

count per day

wordpress

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.8%

JSON

Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map parameter.

CPENameOperatorVersion
tom_braider:count_per_daytom braider count per dayle3.1
tom_braider:count_per_daytom braider count per dayeq1.0

CPE	Name	Operator	Version
tom_braider:count_per_day	tom braider count per day	le	3.1
tom_braider:count_per_day	tom braider count per day	eq	1.0

References

osvdb.org/78271

packetstormsecurity.org/files/108631/countperday-downloadxss.txt

plugins.trac.wordpress.org/changeset/488883/count-per-day

secunia.com/advisories/47529

wordpress.org/extend/plugins/count-per-day/changelog/

www.exploit-db.com/exploits/18355

www.securityfocus.com/bid/51402

exchange.xforce.ibmcloud.com/vulnerabilities/72384

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2012-0895

cvelist1 patchstack1 prion1 wpvulndb1