CVE-2012-5349

Currently unrated

Key Information:

Vendor: WordPress
Status: Pay-with-tweet
Vendor: CVE Published:; 9 October 2012

Summary

Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72166

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/51308

vdb-entryx_refsource_BID

http://www.exploit-db.com/exploits/18330

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Oct 9, 2012
Vulnerability Reserved
Oct 9, 2012