Lucene search

[email protected]NVD:CVE-2011-3852

HistorySep 28, 2011 - 10:55 a.m.

CVE-2011-3852

2011-09-2810:55:03

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.0%

JSON

Cross-site scripting (XSS) vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

Affected configurations

NVD

Node

theme4pressevolveRange≤1.2.5

theme4pressevolveMatch1.0

theme4pressevolveMatch1.0.0

theme4pressevolveMatch1.0.1

theme4pressevolveMatch1.0.2

theme4pressevolveMatch1.0.3

theme4pressevolveMatch1.0.4

theme4pressevolveMatch1.0.5

theme4pressevolveMatch1.0.6

theme4pressevolveMatch1.0.7

theme4pressevolveMatch1.0.8

theme4pressevolveMatch1.0.9

theme4pressevolveMatch1.1.0

theme4pressevolveMatch1.1.1

theme4pressevolveMatch1.1.2

theme4pressevolveMatch1.1.3

theme4pressevolveMatch1.1.4

theme4pressevolveMatch1.1.5

theme4pressevolveMatch1.1.6

theme4pressevolveMatch1.1.7

theme4pressevolveMatch1.1.8

theme4pressevolveMatch1.1.9

theme4pressevolveMatch1.2.0

theme4pressevolveMatch1.2.1

theme4pressevolveMatch1.2.2

theme4pressevolveMatch1.2.3

theme4pressevolveMatch1.2.4

AND

wordpresswordpress

References

sitewat.ch/en/Advisories/10

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.0%

JSON

Related for NVD:CVE-2011-3852

patchstack1 wpvulndb1 cve1 prion1 cvelist1 openvas1