Lucene search
Stefan SchurtzPATCHSTACK:67719F1FF588CBA319298DA5A5EB15EEHistoryMar 28, 2012 - 12:00 a.m.
WordPress Integrator plugin <= 1.32 - Cross-Site Scripting (XSS) vulnerability
2012-03-2800:00:00
Stefan Schurtz
patchstack.com
2
0.019 Low
EPSS
Percentile
88.5%
WordPress Integrator “redirect_to” parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way, the attacker can steal cookie-based authentication credentials. Other attacks are also possible.
Solution
Deactivate and delete. This plugin has been closed as of July 16, 2018 and is not available for download. Reason: Unused.
| CPE | Name | Operator | Version |
|---|---|---|---|
| integrator | le | 1.32 |
References
Related
wpvulndb
wpvulndb
WordPress Integrator 1.32 - Cross-Site Scripting (XSS)
2014-10-02 19:17:29
cvelist
cvelist
CVE-2012-5913
2012-11-17 21:00:00
nvd
nvd
CVE-2012-5913
2012-11-17 21:55:06
cve
cve
CVE-2012-5913
2012-11-17 21:55:06
nuclei
nuclei
WordPress Integrator 1.32 - Cross-Site Scripting
2021-07-13 17:15:23
prion
prion
Cross site scripting
2012-11-17 21:55:00
patchstack
patchstack
WordPress Integrator 1.32 - Cross Site Scripting
2012-03-28 00:00:00