CVE-2012-4264

Exploit

EPSS 0.24%
Veröffentlicht 13.08.2012 22:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Better WP Security <= 3.2.4 - Multiple Cross-Site Scripting

Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different vulnerability than CVE-2012-4263.

Mögliche Gegenmaßnahme

Solid Security – Password, Two Factor Authentication, and Brute Force Protection: Update to version 3.2.5, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Solid Security – Password, Two Factor Authentication, and Brute Force Protection

Version *-3.2.4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bit51 ≫ Better-wp-security Version <= 3.2.4

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha10

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha11

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha3

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha4

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha5

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha6

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha7

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha8

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version- Updatealpha9

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.1 Updatealpha

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.1 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.2 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.3 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.4 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.5 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.6 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.7 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.8 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.9 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.10 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.11 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.13 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.14 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.15 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version0.16 Updatebeta

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.0

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.3

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.4

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.5

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.6

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.7

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.8

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.8.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version1.9

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.0

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.3

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.4

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.5

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.6

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.7

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.8

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.9

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.10

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.11

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.12

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.13

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.14

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.15

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.16

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.17

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version2.18

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.3

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.4

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.5

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.6

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.7

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.8

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.9

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.10

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.11

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.0.12

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.2.1

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.2.2

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.2.3

Wordpress ≫ Wordpress Version-

Bit51 ≫ Better-wp-security Version3.2.5

Wordpress ≫ Wordpress Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.469

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://bit51.com/software/better-wp-security/changelog/

http://plugins.trac.wordpress.org/changeset?old_path=%2Fbetter-wp-security&old=542852&new_path=%2Fbetter-wp-security&new=542852

Patch

Exploit

https://www.wordfence.com/threat-intel/vulnerabilities/id/d2ccdafb-39f4-4249-95fa-a3d752c435f4

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-4264

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4264

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4264

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2012-4264