CVE-2011-5128

EUVD-2011-5028
Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3) inc-options/im_export_options.php, or the (4) post or (5) post_ID parameters to adminimize.php, different vectors than CVE-2011-4926.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
bueltgeadminimize
𝑥
≤ 1.7.21
bueltgeadminimize
0.6.9
bueltgeadminimize
0.7
bueltgeadminimize
0.7.1
bueltgeadminimize
0.7.2
bueltgeadminimize
0.7.3
bueltgeadminimize
0.7.5
bueltgeadminimize
0.7.6
bueltgeadminimize
0.7.7
bueltgeadminimize
0.7.8
bueltgeadminimize
0.7.9
bueltgeadminimize
0.8
bueltgeadminimize
0.8.1
bueltgeadminimize
1.0
bueltgeadminimize
1.1
bueltgeadminimize
1.2
bueltgeadminimize
1.3
bueltgeadminimize
1.4
bueltgeadminimize
1.4.1
bueltgeadminimize
1.4.2
bueltgeadminimize
1.4.3-6
bueltgeadminimize
1.4.7
bueltgeadminimize
1.5
bueltgeadminimize
1.5.1
bueltgeadminimize
1.5.2
bueltgeadminimize
1.5.3-8
bueltgeadminimize
1.6.1
bueltgeadminimize
1.6.3
bueltgeadminimize
1.6.4
bueltgeadminimize
1.6.5
bueltgeadminimize
1.6.6-7
bueltgeadminimize
1.6.8
bueltgeadminimize
1.6.9
bueltgeadminimize
1.7
bueltgeadminimize
1.7.1
bueltgeadminimize
1.7.2
bueltgeadminimize
1.7.3
bueltgeadminimize
1.7.4
bueltgeadminimize
1.7.5
bueltgeadminimize
1.7.6
bueltgeadminimize
1.7.7
bueltgeadminimize
1.7.8
bueltgeadminimize
1.7.9
bueltgeadminimize
1.7.10
bueltgeadminimize
1.7.11
bueltgeadminimize
1.7.12
bueltgeadminimize
1.7.13
bueltgeadminimize
1.7.14
bueltgeadminimize
1.7.15
bueltgeadminimize
1.7.16
bueltgeadminimize
1.7.17
bueltgeadminimize
1.7.18
bueltgeadminimize
1.7.19
bueltgeadminimize
1.7.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://plugins.trac.wordpress.org/changeset?reponame=&new=467338%40adminimize&old=466900%40adminimize#file5
http://wordpress.org/extend/plugins/adminimize/changelog/
http://plugins.trac.wordpress.org/changeset?reponame=&new=467338%40adminimize&old=466900%40adminimize#file5
http://wordpress.org/extend/plugins/adminimize/changelog/