fkie_nvd - fkie_cve-2011-3860

fkie_cve-2011-3860

Vulnerability from fkie_nvd

Published

2011-09-28 10:55

Modified

2025-04-11 00:51

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/50334
cve@mitre.org	https://sitewat.ch/en/Advisories/18	Exploit, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/50334
af854a3a-2127-422b-91ae-364da2661108	https://sitewat.ch/en/Advisories/18	Exploit, URL Repurposed

Impacted products

Vendor	Product	Version
onedesigns	cover_wp	*
onedesigns	cover_wp	1.1
onedesigns	cover_wp	1.2
onedesigns	cover_wp	1.3
onedesigns	cover_wp	1.4
onedesigns	cover_wp	1.4.1
onedesigns	cover_wp	1.5
onedesigns	cover_wp	1.5.1
onedesigns	cover_wp	1.5.2
onedesigns	cover_wp	1.5.3
onedesigns	cover_wp	1.5.4
onedesigns	cover_wp	1.5.5
onedesigns	cover_wp	1.5.6
onedesigns	cover_wp	1.5.7
onedesigns	cover_wp	1.5.8
onedesigns	cover_wp	1.5.9
onedesigns	cover_wp	1.6
onedesigns	cover_wp	1.6.1
onedesigns	cover_wp	1.6.2
onedesigns	cover_wp	1.6.3
onedesigns	cover_wp	1.6.4
wordpress	wordpress	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAF6DCD-36B2-4E3A-AC3F-70C69ABFCF8D",
              "versionEndIncluding": "1.6.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8FFE575-197B-4642-AB1F-680EE28920BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C4387E-53CD-4E92-BF3C-64412C68648C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDB4E201-1B1A-44C6-B40C-2340967D0760",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94FE880-326C-4EF3-99EA-AC73F9D37ABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C026683-D5F9-4376-8DBD-65EDBBB53051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDAB385-1559-44B6-909B-98F0E0AAA86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "207AB4EF-DDC2-4F33-87F4-029C01BC0C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "927AB4AD-0B42-4873-B24F-D080784D1FD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF31D66A-D5A3-47C5-AAE7-76259364EA92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3625724C-E183-4A8A-B5C4-FB0DBD959C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED329E2-852A-47CE-8AA0-D994DD604AD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ADC018F-975A-4B03-925C-3B592CFA39F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84409E5F-920C-4A97-95EE-27B4BD88850E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D249FB37-9F3F-4AA6-9BE1-060EFF194A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CF3F0E0-F6D7-4D50-9E07-8E24035C5569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "281FFF4A-AC70-4DD4-A9DD-31486B992BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69140A4-E602-431C-B022-F6AD261D1093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D521AC3E-80FA-46CA-A7B8-FB25608A9F74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A67A96A-D0A6-4560-A282-E13179B825D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDADF112-AF70-4363-8BE6-ECBF070DC732",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter."
    },
    {
      "lang": "es",
      "value": "vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el tema Cover WP anteriores a v1.6.6 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro s."
    }
  ],
  "id": "CVE-2011-3860",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-09-28T10:55:04.310",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/50334"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "https://sitewat.ch/en/Advisories/18"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/50334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "https://sitewat.ch/en/Advisories/18"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-3860 (GCVE-0-2011-3860)

Vulnerability from cvelistv5

Published

2011-09-28 10:00