Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-0237HistoryJul 08, 2013 - 8:55 p.m.
CVE-2013-0237
2013-07-0820:55:00
Debian Security Bug Tracker
security-tracker.debian.org
14
cve-2013-0237
cross-site scripting
plupload.as
moxiecode plupload
wordpress 3.5.1
remote attackers
arbitrary web script
html
id parameter
unix
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
Related
cve
cve
cvelist
cvelist
CVE-2013-0237
2013-07-08 20:00:00
nvd
nvd
ubuntucve
ubuntucve
CVE-2013-0237
2013-07-08 00:00:00
patchstack
patchstack
WordPress <= 1.5.4 - Cross Site Scripting
2012-12-06 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 06:48:00
prion
prion
Cross site scripting
2013-07-08 20:55:00
Design/Logic Flaw
2013-12-01 17:55:00
openvas
openvas
Fedora Update for wordpress FEDORA-2013-1774
2013-02-11 00:00:00
Fedora Update for wordpress FEDORA-2013-1774
2013-02-11 00:00:00
Fedora Update for wordpress FEDORA-2013-1692
2013-02-11 00:00:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2013-01-24 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: wordpress-3.5.1-1.fc18
2013-02-10 04:25:57
[SECURITY] Fedora 17 Update: wordpress-3.5.1-1.fc17
2013-02-10 04:44:54
[SECURITY] Fedora 18 Update: wordpress-3.5.2-1.fc18
2013-07-03 01:37:44
nessus
nessus
WordPress < 3.5.1 Multiple Vulnerabilities
2016-02-26 00:00:00
FreeBSD : wordpress -- multiple vulnerabilities (559e00b7-6a4d-11e2-b6b0-10bf48230856)
2013-01-30 00:00:00
WordPress < 3.5.1 Multiple Vulnerabilities
2013-02-04 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
64.9%
Related for DEBIANCVE:CVE-2013-0237