Lucene search

[email protected]CVE-2012-4263

HistoryAug 13, 2012 - 10:55 p.m.

CVE-2012-4263

2012-08-1322:55:01

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-4263

cross-site scripting

xss

better wp security

plugin

wordpress

http_user_agent

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

JSON

Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.

Affected configurations

NVD

Node

bit51better-wp-securityRange≤3.2.4

bit51better-wp-securityMatch-alpha1

bit51better-wp-securityMatch-alpha10

bit51better-wp-securityMatch-alpha11

bit51better-wp-securityMatch-alpha2

bit51better-wp-securityMatch-alpha3

bit51better-wp-securityMatch-alpha4

bit51better-wp-securityMatch-alpha5

bit51better-wp-securityMatch-alpha6

bit51better-wp-securityMatch-alpha7

bit51better-wp-securityMatch-alpha8

bit51better-wp-securityMatch-alpha9

bit51better-wp-securityMatch0.1alpha

bit51better-wp-securityMatch0.1beta

bit51better-wp-securityMatch0.2beta

bit51better-wp-securityMatch0.3beta

bit51better-wp-securityMatch0.4beta

bit51better-wp-securityMatch0.5beta

bit51better-wp-securityMatch0.6beta

bit51better-wp-securityMatch0.7beta

bit51better-wp-securityMatch0.8beta

bit51better-wp-securityMatch0.9beta

bit51better-wp-securityMatch0.10beta

bit51better-wp-securityMatch0.11beta

bit51better-wp-securityMatch0.13beta

bit51better-wp-securityMatch0.14beta

bit51better-wp-securityMatch0.15beta

bit51better-wp-securityMatch0.16beta

bit51better-wp-securityMatch1.0

bit51better-wp-securityMatch1.1

bit51better-wp-securityMatch1.2

bit51better-wp-securityMatch1.3

bit51better-wp-securityMatch1.4

bit51better-wp-securityMatch1.5

bit51better-wp-securityMatch1.6

bit51better-wp-securityMatch1.7

bit51better-wp-securityMatch1.8

bit51better-wp-securityMatch1.8.1

bit51better-wp-securityMatch1.9

bit51better-wp-securityMatch2.0

bit51better-wp-securityMatch2.1

bit51better-wp-securityMatch2.2

bit51better-wp-securityMatch2.3

bit51better-wp-securityMatch2.4

bit51better-wp-securityMatch2.5

bit51better-wp-securityMatch2.6

bit51better-wp-securityMatch2.7

bit51better-wp-securityMatch2.8

bit51better-wp-securityMatch2.9

bit51better-wp-securityMatch2.10

bit51better-wp-securityMatch2.11

bit51better-wp-securityMatch2.12

bit51better-wp-securityMatch2.13

bit51better-wp-securityMatch2.14

bit51better-wp-securityMatch2.15

bit51better-wp-securityMatch2.16

bit51better-wp-securityMatch2.17

bit51better-wp-securityMatch2.18

bit51better-wp-securityMatch3.0

bit51better-wp-securityMatch3.0.1

bit51better-wp-securityMatch3.0.2

bit51better-wp-securityMatch3.0.3

bit51better-wp-securityMatch3.0.4

bit51better-wp-securityMatch3.0.5

bit51better-wp-securityMatch3.0.6

bit51better-wp-securityMatch3.0.7

bit51better-wp-securityMatch3.0.8

bit51better-wp-securityMatch3.0.9

bit51better-wp-securityMatch3.0.10

bit51better-wp-securityMatch3.0.11

bit51better-wp-securityMatch3.0.12

bit51better-wp-securityMatch3.1

bit51better-wp-securityMatch3.2

bit51better-wp-securityMatch3.2.1

bit51better-wp-securityMatch3.2.2

bit51better-wp-securityMatch3.2.3

bit51better-wp-securityMatch3.2.5

AND

wordpresswordpressMatch-

CPENameOperatorVersion
bit51:better-wp-securitybit51 better-wp-securityle3.2.4
bit51:better-wp-securitybit51 better-wp-securityeq-
bit51:better-wp-securitybit51 better-wp-securityeq0.1
bit51:better-wp-securitybit51 better-wp-securityeq0.2
bit51:better-wp-securitybit51 better-wp-securityeq0.3
bit51:better-wp-securitybit51 better-wp-securityeq0.4
bit51:better-wp-securitybit51 better-wp-securityeq0.5
bit51:better-wp-securitybit51 better-wp-securityeq0.6
bit51:better-wp-securitybit51 better-wp-securityeq0.7
bit51:better-wp-securitybit51 better-wp-securityeq0.8

CPE	Name	Operator	Version
bit51:better-wp-security	bit51 better-wp-security	le	3.2.4
bit51:better-wp-security	bit51 better-wp-security	eq	-
bit51:better-wp-security	bit51 better-wp-security	eq	0.1
bit51:better-wp-security	bit51 better-wp-security	eq	0.2
bit51:better-wp-security	bit51 better-wp-security	eq	0.3
bit51:better-wp-security	bit51 better-wp-security	eq	0.4
bit51:better-wp-security	bit51 better-wp-security	eq	0.5
bit51:better-wp-security	bit51 better-wp-security	eq	0.6
bit51:better-wp-security	bit51 better-wp-security	eq	0.7
bit51:better-wp-security	bit51 better-wp-security	eq	0.8