Lucene search
HistoryMay 21, 2012 - 6:55 p.m.
CVE-2012-2913
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.002
Percentile
57.2%
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
Affected configurations
Node
mapsmarkerleaflet_maps_marker_pluginMatch0.0.1
wordpresswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mapsmarker | leaflet_maps_marker_plugin | 0.0.1 | cpe:2.3:a:mapsmarker:leaflet_maps_marker_plugin:0.0.1:*:*:*:*:*:*:* |
| wordpress | wordpress | * | cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
cve
cve
CVE-2012-2913
2012-05-21 18:55:07
patchstack
patchstack
WordPress Leaflet Maps Marker Plugin 0.0.1 - "id" Parameter XSS
2012-05-15 00:00:00
cvelist
cvelist
CVE-2012-2913
2012-05-21 18:00:00
wpvulndb
wpvulndb
Leaflet <= 0.0.1 - Cross Site Scripting
2012-05-15 00:00:00
prion
prion
Cross site scripting
2012-05-21 18:55:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.002
Percentile
57.2%
Related for NVD:CVE-2012-2913