Cross-site Scripting Vulnerability in Twitter Feed Plugin for WordPress
CVE-2010-4825

Currently unrated

Key Information:

Vendor

Wordpress
Status
WP-twitter-feed
Vendor
CVE Published:
24 August 2011

What is CVE-2010-4825?

The Twitter Feed plugin for WordPress, specifically version 0.3.1, is susceptible to a cross-site scripting vulnerability due to inadequate input validation in the 'url' parameter of the magpie_debug.php file. This flaw allows remote attackers to inject arbitrary web scripts or HTML, potentially leading to unauthorized actions on behalf of unsuspecting users. It is essential for users to ensure they are running the latest version of the plugin to mitigate exposure to this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.johnleitch.net/Vulnerabilities/WordPress.Twitt...
x_refsource_MISC
http://secunia.com/advisories/42542
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/45294
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.