Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for advanced_text_widget_plugin by simplerealtytheme

    CVE-2011-4618 (GCVE-0-2011-4618)

    Vulnerability from nvd – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:09:19.399Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
              },
              {
                "name": "advancedtextwidget-advancedtext-xss(71412)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
              },
              {
                "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
              },
              {
                "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
              },
              {
                "name": "50744",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/50744"
              },
              {
                "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/520589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
            },
            {
              "name": "advancedtextwidget-advancedtext-xss(71412)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
            },
            {
              "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
            },
            {
              "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
            },
            {
              "name": "50744",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/50744"
            },
            {
              "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/520589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-4618",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
                  "refsource": "CONFIRM",
                  "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
                },
                {
                  "name": "advancedtextwidget-advancedtext-xss(71412)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
                },
                {
                  "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
                },
                {
                  "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
                },
                {
                  "name": "50744",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/50744"
                },
                {
                  "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/520589"
                },
                {
                  "name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
                  "refsource": "CONFIRM",
                  "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
                },
                {
                  "name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
                  "refsource": "MISC",
                  "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4618",
        "datePublished": "2013-01-24T01:00:00.000Z",
        "dateReserved": "2011-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:09:19.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4618 (GCVE-0-2011-4618)

    Vulnerability from cvelistv5 – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:09:19.399Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
              },
              {
                "name": "advancedtextwidget-advancedtext-xss(71412)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
              },
              {
                "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
              },
              {
                "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
              },
              {
                "name": "50744",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/50744"
              },
              {
                "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/520589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
            },
            {
              "name": "advancedtextwidget-advancedtext-xss(71412)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
            },
            {
              "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
            },
            {
              "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
            },
            {
              "name": "50744",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/50744"
            },
            {
              "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/520589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-4618",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
                  "refsource": "CONFIRM",
                  "url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
                },
                {
                  "name": "advancedtextwidget-advancedtext-xss(71412)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
                },
                {
                  "name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
                },
                {
                  "name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
                },
                {
                  "name": "50744",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/50744"
                },
                {
                  "name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/520589"
                },
                {
                  "name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
                  "refsource": "CONFIRM",
                  "url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
                },
                {
                  "name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
                  "refsource": "MISC",
                  "url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4618",
        "datePublished": "2013-01-24T01:00:00.000Z",
        "dateReserved": "2011-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:09:19.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }