Vulnerability Details CVE-2011-3841
Cross-site scripting (XSS) vulnerability in uploadify/get_profile_avatar.php in the WP Symposium plugin before 11.12.08 for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/47243
- http://secunia.com/secunia_research/2011-82/
- http://www.securityfocus.com/bid/51017
- http://www.wpsymposium.com/2011/12/v11-12-08/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71748
- http://secunia.com/advisories/47243
- http://secunia.com/secunia_research/2011-82/
- http://www.securityfocus.com/bid/51017
- http://www.wpsymposium.com/2011/12/v11-12-08/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71748
Products affected by CVE-2011-3841
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.23
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.24
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.25
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.26
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.26.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.27
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.27.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.28
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.29
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.29.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.29.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.29.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.29.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.30
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.30.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.31
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.32
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.33.5
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.34
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.34.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.1.34.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.35
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.36
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.36.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.37
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.37.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.38
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.38.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.38.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.39
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.39.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.40
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.41
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.42
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.43
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.44
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.45
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.46
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.46.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.47.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.47.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.48
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.48.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.48.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.5
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.6
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.7
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.8
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.49.9
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.50
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.51
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.51.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.51.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.52
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.52.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.52.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.52.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.52.5
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.10
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.5
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.6
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.7
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.8
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.53.9
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.54
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.54.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.55
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.55.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.56
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.56.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.56.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.56.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.57
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.57.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.57.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.58
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.58.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.4
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.5
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.59.6
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.60
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.61
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.61.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.62
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.62.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.62.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.63
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.63.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.63.2
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.63.2.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.63.3
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:0.64
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.10.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.10.15
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.10.22
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.10.29
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.10.8
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.11.05
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.11.12
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.11.19
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.11.19.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.11.26
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.12.03
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.8.18
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.8.19
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.8.19.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.8.21
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.8.27
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.1
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.10
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.13
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.14
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.17
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.24
-
cpe:2.3:a:wpsymposiumpro:wp_symposium:11.9.4