CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-5346

Cross-site scripting (XSS) vulnerability in wp-live.php in the WP Live.php module 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/files/108282/wplivephp-xss.txt
http://www.securityfocus.com/bid/51220
https://exchange.xforce.ibmcloud.com/vulnerabilities/72080
http://packetstormsecurity.org/files/108282/wplivephp-xss.txt
http://www.securityfocus.com/bid/51220
https://exchange.xforce.ibmcloud.com/vulnerabilities/72080

Products affected by CVE-2012-5346

Bencemeszaros » Wp-Livephp » Version: 1.2.1

cpe:2.3:a:bencemeszaros:wp-livephp:1.2.1
Wordpress » Wordpress » Version: N/A

cpe:2.3:a:wordpress:wordpress:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5346

Products

Pricing

Contact Us