CVE-2012-1834

Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
cms_tree_page_view_projectcms_tree_page_view
𝑥
≤ 0.8.8
cms_tree_page_view_projectcms_tree_page_view
0.1
cms_tree_page_view_projectcms_tree_page_view
0.1a:a
cms_tree_page_view_projectcms_tree_page_view
0.2
cms_tree_page_view_projectcms_tree_page_view
0.3
cms_tree_page_view_projectcms_tree_page_view
0.4
cms_tree_page_view_projectcms_tree_page_view
0.4.1
cms_tree_page_view_projectcms_tree_page_view
0.4.2
cms_tree_page_view_projectcms_tree_page_view
0.4.3
cms_tree_page_view_projectcms_tree_page_view
0.4.4
cms_tree_page_view_projectcms_tree_page_view
0.4.5
cms_tree_page_view_projectcms_tree_page_view
0.4.6
cms_tree_page_view_projectcms_tree_page_view
0.4.7
cms_tree_page_view_projectcms_tree_page_view
0.4.8
cms_tree_page_view_projectcms_tree_page_view
0.4.9
cms_tree_page_view_projectcms_tree_page_view
0.5
cms_tree_page_view_projectcms_tree_page_view
0.5.1
cms_tree_page_view_projectcms_tree_page_view
0.5.2
cms_tree_page_view_projectcms_tree_page_view
0.5.3
cms_tree_page_view_projectcms_tree_page_view
0.5.4
cms_tree_page_view_projectcms_tree_page_view
0.5.5
cms_tree_page_view_projectcms_tree_page_view
0.5.6
cms_tree_page_view_projectcms_tree_page_view
0.5.7
cms_tree_page_view_projectcms_tree_page_view
0.6
cms_tree_page_view_projectcms_tree_page_view
0.6.1
cms_tree_page_view_projectcms_tree_page_view
0.6.2
cms_tree_page_view_projectcms_tree_page_view
0.6.3
cms_tree_page_view_projectcms_tree_page_view
0.7
cms_tree_page_view_projectcms_tree_page_view
0.7.1
cms_tree_page_view_projectcms_tree_page_view
0.7.2
cms_tree_page_view_projectcms_tree_page_view
0.7.3
cms_tree_page_view_projectcms_tree_page_view
0.7.4
cms_tree_page_view_projectcms_tree_page_view
0.7.5
cms_tree_page_view_projectcms_tree_page_view
0.7.6
cms_tree_page_view_projectcms_tree_page_view
0.7.7
cms_tree_page_view_projectcms_tree_page_view
0.7.8
cms_tree_page_view_projectcms_tree_page_view
0.7.9
cms_tree_page_view_projectcms_tree_page_view
0.7.10
cms_tree_page_view_projectcms_tree_page_view
0.7.11
cms_tree_page_view_projectcms_tree_page_view
0.7.12
cms_tree_page_view_projectcms_tree_page_view
0.7.13
cms_tree_page_view_projectcms_tree_page_view
0.7.14
cms_tree_page_view_projectcms_tree_page_view
0.7.15
cms_tree_page_view_projectcms_tree_page_view
0.7.16
cms_tree_page_view_projectcms_tree_page_view
0.7.17
cms_tree_page_view_projectcms_tree_page_view
0.7.18
cms_tree_page_view_projectcms_tree_page_view
0.7.19
cms_tree_page_view_projectcms_tree_page_view
0.7.20
cms_tree_page_view_projectcms_tree_page_view
0.8
cms_tree_page_view_projectcms_tree_page_view
0.8.1
cms_tree_page_view_projectcms_tree_page_view
0.8.2
cms_tree_page_view_projectcms_tree_page_view
0.8.3
cms_tree_page_view_projectcms_tree_page_view
0.8.4
cms_tree_page_view_projectcms_tree_page_view
0.8.5
cms_tree_page_view_projectcms_tree_page_view
0.8.6
cms_tree_page_view_projectcms_tree_page_view
0.8.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view
http://secunia.com/advisories/48510
http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/
http://www.osvdb.org/80573
http://www.securityfocus.com/bid/52708
https://exchange.xforce.ibmcloud.com/vulnerabilities/74337
https://www.htbridge.com/advisory/HTB23083
http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view
http://secunia.com/advisories/48510
http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/
http://www.osvdb.org/80573
http://www.securityfocus.com/bid/52708
https://exchange.xforce.ibmcloud.com/vulnerabilities/74337
https://www.htbridge.com/advisory/HTB23083