Lucene search
RedhatCVE-2012-4422HistorySep 14, 2012 - 7:55 p.m.
CVE-2012-4422
2012-09-1419:55:01
CWE-264
redhat
web.nvd.nist.gov
33
wordpress
cve-2012-4422
security
vulnerability
wordpress 3.4.2
multisite
plugin activation
nvd
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.1
Confidence
Low
EPSS
0.002
Percentile
52.4%
wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveraging the Administrator role.
Affected configurations
Node
wordpresswordpressRange≤3.4.1
ORwordpresswordpressMatch0.71
ORwordpresswordpressMatch1.0
ORwordpresswordpressMatch1.0.1
ORwordpresswordpressMatch1.0.2
ORwordpresswordpressMatch1.1.1
ORwordpresswordpressMatch1.2
ORwordpresswordpressMatch1.2.1
ORwordpresswordpressMatch1.2.2
ORwordpresswordpressMatch1.2.3
ORwordpresswordpressMatch1.2.4
ORwordpresswordpressMatch1.2.5
ORwordpresswordpressMatch1.2.5a
ORwordpresswordpressMatch1.3
ORwordpresswordpressMatch1.3.2
ORwordpresswordpressMatch1.3.3
ORwordpresswordpressMatch1.5
ORwordpresswordpressMatch1.5.1
ORwordpresswordpressMatch1.5.1.1
ORwordpresswordpressMatch1.5.1.2
ORwordpresswordpressMatch1.5.1.3
ORwordpresswordpressMatch1.5.2
ORwordpresswordpressMatch2.0
ORwordpresswordpressMatch2.0.1
ORwordpresswordpressMatch2.0.2
ORwordpresswordpressMatch2.0.4
ORwordpresswordpressMatch2.0.5
ORwordpresswordpressMatch2.0.6
ORwordpresswordpressMatch2.0.7
ORwordpresswordpressMatch2.0.8
ORwordpresswordpressMatch2.0.9
ORwordpresswordpressMatch2.0.10
ORwordpresswordpressMatch2.0.11
ORwordpresswordpressMatch2.1
ORwordpresswordpressMatch2.1.1
ORwordpresswordpressMatch2.1.2
ORwordpresswordpressMatch2.1.3
ORwordpresswordpressMatch2.2
ORwordpresswordpressMatch2.2.1
ORwordpresswordpressMatch2.2.2
ORwordpresswordpressMatch2.2.3
ORwordpresswordpressMatch2.3
ORwordpresswordpressMatch2.3.1
ORwordpresswordpressMatch2.3.2
ORwordpresswordpressMatch2.3.3
ORwordpresswordpressMatch2.5
ORwordpresswordpressMatch2.5.1
ORwordpresswordpressMatch2.6
ORwordpresswordpressMatch2.6.1
ORwordpresswordpressMatch2.6.2
ORwordpresswordpressMatch2.6.3
ORwordpresswordpressMatch2.6.5
ORwordpresswordpressMatch2.7
ORwordpresswordpressMatch2.7.1
ORwordpresswordpressMatch2.8
ORwordpresswordpressMatch2.8.1
ORwordpresswordpressMatch2.8.2
ORwordpresswordpressMatch2.8.3
ORwordpresswordpressMatch2.8.4
ORwordpresswordpressMatch2.8.4a
ORwordpresswordpressMatch2.8.5
ORwordpresswordpressMatch2.8.5.1
ORwordpresswordpressMatch2.8.5.2
ORwordpresswordpressMatch2.8.6
ORwordpresswordpressMatch2.9
ORwordpresswordpressMatch2.9.1
ORwordpresswordpressMatch2.9.1.1
ORwordpresswordpressMatch2.9.2
ORwordpresswordpressMatch3.0
ORwordpresswordpressMatch3.0.1
ORwordpresswordpressMatch3.0.2
ORwordpresswordpressMatch3.0.3
ORwordpresswordpressMatch3.0.4
ORwordpresswordpressMatch3.0.5
ORwordpresswordpressMatch3.0.6
ORwordpresswordpressMatch3.1
ORwordpresswordpressMatch3.1.1
ORwordpresswordpressMatch3.1.2
ORwordpresswordpressMatch3.1.3
ORwordpresswordpressMatch3.1.4
ORwordpresswordpressMatch3.2
ORwordpresswordpressMatch3.2beta1
ORwordpresswordpressMatch3.2.1
ORwordpresswordpressMatch3.3
ORwordpresswordpressMatch3.3.1
ORwordpresswordpressMatch3.3.2
ORwordpresswordpressMatch3.3.3
ORwordpresswordpressMatch3.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wordpress | wordpress | * | cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
| wordpress | wordpress | 0.71 | cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.0 | cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.0.1 | cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.0.2 | cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.1.1 | cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.2 | cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.2.1 | cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.2.2 | cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:* |
| wordpress | wordpress | 1.2.3 | cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2012-4422
2012-09-14 19:55:01
patchstack
patchstack
WordPress <= 3.4.1 - Multiple vulnerabilities
2012-08-21 00:00:00
prion
prion
Code injection
2012-09-14 19:55:00
cvelist
cvelist
CVE-2012-4422
2012-09-14 19:00:00
nvd
nvd
CVE-2012-4422
2012-09-14 19:55:01
ubuntucve
ubuntucve
CVE-2012-4422
2012-09-14 00:00:00
nessus
nessus
WordPress < 3.4.2 Multiple Vulnerabilities
2012-09-12 00:00:00
WordPress < 3.4.2 Multiple Vulnerabilities
2016-02-26 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: tor-0.2.3.25-1702.fc17
2013-03-24 22:52:10
[SECURITY] Fedora 17 Update: tor-0.2.2.39-1700.fc17
2013-02-03 13:38:51
openvas
openvas
Fedora Update for tor FEDORA-2013-3773
2013-03-25 00:00:00
Fedora Update for tor FEDORA-2013-3773
2013-03-25 00:00:00
Fedora Update for tor FEDORA-2012-14650
2013-02-04 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.1
Confidence
Low
EPSS
0.002
Percentile
52.4%
Related for CVE-2012-4422