Lucene search
HistorySep 23, 2012 - 5:55 p.m.
CVE-2011-5193
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
61.9%
Cross-site scripting (XSS) vulnerability in vendors/samswhois/samswhois.inc.php in the Whois Search plugin 1.4.2.3 for WordPress, when the WHOIS widget is enabled, allows remote attackers to inject arbitrary web script or HTML via the domain parameter to index.php, a different vulnerability than CVE-2011-5194.
Affected configurations
Node
wordpresswordpressMatch-
phpacesamswhoisRange≤1.4.2.3
ORphpacesamswhoisMatch1.1
References
Related
prion
prion
Cross site scripting
2012-09-23 17:55:00
Cross site scripting
2012-09-23 17:55:00
nvd
nvd
CVE-2011-5194
2012-09-23 17:55:01
cvelist
cvelist
CVE-2011-5193
2012-09-23 17:00:00
CVE-2011-5194
2012-09-23 17:00:00
cve
cve
CVE-2011-5193
2012-09-23 17:55:01
CVE-2011-5194
2012-09-23 17:55:01
patchstack
patchstack
WordPress WHOIS Plugin 1.4.2.3 - Cross Site Scripting
2012-01-03 00:00:00
WordPress Whois Search Plugin <= 1.4.2.2 - XSS
2012-09-23 00:00:00
openvas
openvas
WordPress WHOIS Plugin 'domain' Parameter XSS Vulnerability
2012-01-04 00:00:00
exploitdb
exploitdb
WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting
2012-01-03 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
61.9%
Related for NVD:CVE-2011-5193