Lucene search
Pietro OlivaPATCHSTACK:BBF44EFBBF49B75D0034403621714052HistoryOct 07, 2014 - 12:00 a.m.
WordPress BulletProof Security Plugin <= .51 - XSS
2014-10-0700:00:00
Pietro Oliva
patchstack.com
6
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Because of this vulnerability in admin/htaccess/bpsunlock.php, the attackers can inject arbitrary web script or HTML via the “dbhost” parameter.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bulletproof security | le | .51 |
Related
prion
prion
Cross site scripting
2014-11-06 15:55:00
cve
cve
CVE-2014-7958
2014-11-06 15:55:00
securityvulns
securityvulns
Wordpress bulletproof-security <=.51 multiple vulnerabilities
2014-12-01 00:00:00
zdt
zdt
WordPress Bulletproof-Security .51 Multiple Vulnerabilities
2014-11-06 00:00:00
packetstorm
packetstorm
WordPress Bulletproof-Security .51 XSS / SQL Injection / SSRF
2014-11-05 00:00:00
wpvulndb
wpvulndb
BulletProof Security <= .51 - Multiple Vulnerabilities (XSS & SSRF)
2014-11-05 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for PATCHSTACK:BBF44EFBBF49B75D0034403621714052