Cross-Site Scripting Vulnerability in Adminimize Plugin for WordPress
CVE-2011-4926

Currently unrated

Key Information:

Vendor
Wordpress
Status
Adminimize
Vendor
CVE Published:
29 August 2012

Summary

The Adminimize plugin for WordPress has a vulnerability that allows attackers to execute arbitrary web scripts or HTML by exploiting an issue within the adminimize_page.php file. By manipulating the page parameter, attackers can potentially gain unauthorized access to sensitive information, leading to broader security repercussions for affected WordPress installations. It is crucial for site administrators using this plugin to upgrade to version 1.7.22 or later to mitigate this risk and secure their websites against such attacks.

References

http://www.openwall.com/lists/oss-security/2012/01/10/9
mailing-listx_refsource_MLIST
http://wordpress.org/extend/plugins/adminimize/changelog/
x_refsource_CONFIRM
http://www.osvdb.org/77472
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.