Cross-Site Scripting Vulnerability in Advanced Text Widget for WordPress
CVE-2011-4618

Currently unrated

Key Information:

Vendor

Wordpress
Status
Advanced Text Widget Plugin
Vendor
CVE Published:
24 January 2013

What is CVE-2011-4618?

The Advanced Text Widget plugin for WordPress has a cross-site scripting (XSS) vulnerability within the advancedtext.php file. This flaw allows attackers to manipulate the page parameter, enabling them to inject arbitrary web scripts or HTML content. The vulnerability impacts versions prior to 2.0.2 and poses significant risks to affected WordPress sites if left unpatched.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://plugins.trac.wordpress.org/changeset?reponame=&new...
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/71412
vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2011/12/19/6
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.