CVE-2012-4768

Currently unrated

Key Information:

Vendor: Wordpress
Status: Download Monitor
Vendor: CVE Published:; 4 September 2014

Summary

Cross-site scripting (XSS) vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI.

References

http://secunia.com/advisories/50511

third-party-advisoryx_refsource_SECUNIA

http://archives.neohapsis.com/archives/bugtraq/2012-09/00...

mailing-listx_refsource_BUGTRAQ

http://www.reactionpenetrationtesting.co.uk/wordpress-dow...

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 4, 2014
Vulnerability Reserved
Sep 6, 2012