NVD

Id
11442  
Name
CVE-2011-5182  
Description
** DISPUTED ** Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba"s plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user"s behalf."  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2012-09-20  
Modified Date
2012-09-20  
Seq
2011-5182  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
62906 11442 CVE-2011-5182 20111119 wordpress Lanoba Social Plugin Xss Vulnerabilities  View
62907 11442 CVE-2011-5182 20111129 Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities  View
62908 11442 CVE-2011-5182 50746  View
62909 11442 CVE-2011-5182 lanobasocial-index-xss(71411)  View
62910 11442 CVE-2011-5182 https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities  View

Related JVN