Search
Find a vulnerability
Search criteria
2 vulnerabilities found for advanced_text_widget_plugin by simplerealtytheme
CVE-2011-4618 (GCVE-0-2011-4618)
Vulnerability from nvd – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://plugins.trac.wordpress.org/changeset?repon… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.openwall.com/lists/oss-security/2011/12/19/6 | mailing-listx_refsource_MLIST |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/50744 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/520589 | mailing-listx_refsource_BUGTRAQ |
| http://wordpress.org/extend/plugins/advanced-text… | x_refsource_CONFIRM |
| http://wordpress.org/support/topic/wordpress-adva… | x_refsource_MISC |
Date Public
2011-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
"refsource": "CONFIRM",
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
"refsource": "MISC",
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4618",
"datePublished": "2013-01-24T01:00:00.000Z",
"dateReserved": "2011-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:09:19.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4618 (GCVE-0-2011-4618)
Vulnerability from cvelistv5 – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://plugins.trac.wordpress.org/changeset?repon… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.openwall.com/lists/oss-security/2011/12/19/6 | mailing-listx_refsource_MLIST |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/50744 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/520589 | mailing-listx_refsource_BUGTRAQ |
| http://wordpress.org/extend/plugins/advanced-text… | x_refsource_CONFIRM |
| http://wordpress.org/support/topic/wordpress-adva… | x_refsource_MISC |
Date Public
2011-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
"refsource": "CONFIRM",
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
"refsource": "MISC",
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4618",
"datePublished": "2013-01-24T01:00:00.000Z",
"dateReserved": "2011-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:09:19.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}