CVE-2011-5128

Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3) inc-options/im_export_options.php, or the (4) post or (5) post_ID parameters to adminimize.php, different vectors than CVE-2011-4926.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
bueltgeadminimize
𝑥
≤ 1.7.21
bueltgeadminimize
0.6.9
bueltgeadminimize
0.7
bueltgeadminimize
0.7.1
bueltgeadminimize
0.7.2
bueltgeadminimize
0.7.3
bueltgeadminimize
0.7.5
bueltgeadminimize
0.7.6
bueltgeadminimize
0.7.7
bueltgeadminimize
0.7.8
bueltgeadminimize
0.7.9
bueltgeadminimize
0.8
bueltgeadminimize
0.8.1
bueltgeadminimize
1.0
bueltgeadminimize
1.1
bueltgeadminimize
1.2
bueltgeadminimize
1.3
bueltgeadminimize
1.4
bueltgeadminimize
1.4.1
bueltgeadminimize
1.4.2
bueltgeadminimize
1.4.3-6
bueltgeadminimize
1.4.7
bueltgeadminimize
1.5
bueltgeadminimize
1.5.1
bueltgeadminimize
1.5.2
bueltgeadminimize
1.5.3-8
bueltgeadminimize
1.6.1
bueltgeadminimize
1.6.3
bueltgeadminimize
1.6.4
bueltgeadminimize
1.6.5
bueltgeadminimize
1.6.6-7
bueltgeadminimize
1.6.8
bueltgeadminimize
1.6.9
bueltgeadminimize
1.7
bueltgeadminimize
1.7.1
bueltgeadminimize
1.7.2
bueltgeadminimize
1.7.3
bueltgeadminimize
1.7.4
bueltgeadminimize
1.7.5
bueltgeadminimize
1.7.6
bueltgeadminimize
1.7.7
bueltgeadminimize
1.7.8
bueltgeadminimize
1.7.9
bueltgeadminimize
1.7.10
bueltgeadminimize
1.7.11
bueltgeadminimize
1.7.12
bueltgeadminimize
1.7.13
bueltgeadminimize
1.7.14
bueltgeadminimize
1.7.15
bueltgeadminimize
1.7.16
bueltgeadminimize
1.7.17
bueltgeadminimize
1.7.18
bueltgeadminimize
1.7.19
bueltgeadminimize
1.7.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://plugins.trac.wordpress.org/changeset?reponame=&new=467338%40adminimize&old=466900%40adminimize#file5
http://wordpress.org/extend/plugins/adminimize/changelog/
http://plugins.trac.wordpress.org/changeset?reponame=&new=467338%40adminimize&old=466900%40adminimize#file5
http://wordpress.org/extend/plugins/adminimize/changelog/