Lucene search

[email protected]NVD:CVE-2012-5349

HistoryOct 09, 2012 - 3:55 p.m.

CVE-2012-5349

2012-10-0915:55:01

CWE-79

[email protected]

web.nvd.nist.gov

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.

Affected configurations

NVD

Node

wordpresspay-with-tweetRange≤1.1

AND

wordpresswordpressMatch-

References

secunia.com/advisories/47475

wordpress.org/extend/plugins/pay-with-tweet/changelog/

www.exploit-db.com/exploits/18330

www.osvdb.org/78205

www.securityfocus.com/bid/51308

exchange.xforce.ibmcloud.com/vulnerabilities/72166

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.5%

JSON

Related for NVD:CVE-2012-5349

cvelist1 cve1 patchstack1 prion1