Cross-Site Scripting Vulnerabilities in Better WP Security Plugin for WordPress
CVE-2012-4264

Currently unrated

Key Information:

Vendor: Wordpress
Status: Better-WP-security
Vendor: CVE Published:; 13 August 2012

What is CVE-2012-4264?

The Better WP Security plugin for WordPress is vulnerable to multiple cross-site scripting (XSS) issues that can be exploited by remote attackers. These vulnerabilities stem from insufficient input validation in various server variables, allowing malicious scripts or HTML to be injected. This poses a risk to WordPress users, as it could enable attackers to execute unauthorized actions through affected instances of the plugin.

References

http://plugins.trac.wordpress.org/changeset?old_path=%2Fb...

x_refsource_CONFIRM

http://bit51.com/software/better-wp-security/changelog/

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 13, 2012

Wordpress

What is CVE-2012-4264?

References

Timeline