CVE-2010-4779

Currently unrated

Key Information:

Vendor: Wordpress
Status: WPtouch
Vendor: CVE Published:; 7 April 2011

Summary

Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouch_settings parameter to include/adsense-new.php. NOTE: some of these details are obtained from third party information.

References

http://osvdb.org/69538

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/42438

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/45139

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 7, 2011