Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for advanced_text_widget_plugin by simplerealtytheme
CVE-2011-4618 (GCVE-0-2011-4618)
Vulnerability from nvd – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
VLAI
Summary
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://plugins.trac.wordpress.org/changeset?repon… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.openwall.com/lists/oss-security/2011/12/19/6 | mailing-listx_refsource_MLIST |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/50744 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/520589 | mailing-listx_refsource_BUGTRAQ |
| http://wordpress.org/extend/plugins/advanced-text… | x_refsource_CONFIRM |
| http://wordpress.org/support/topic/wordpress-adva… | x_refsource_MISC |
Date Public
2011-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
"refsource": "CONFIRM",
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
"refsource": "MISC",
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4618",
"datePublished": "2013-01-24T01:00:00.000Z",
"dateReserved": "2011-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:09:19.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4618 (GCVE-0-2011-4618)
Vulnerability from cvelistv5 – Published: 2013-01-24 01:00 – Updated: 2024-08-07 00:09
VLAI
Summary
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://plugins.trac.wordpress.org/changeset?repon… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.openwall.com/lists/oss-security/2011/12/19/6 | mailing-listx_refsource_MLIST |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/50744 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/520589 | mailing-listx_refsource_BUGTRAQ |
| http://wordpress.org/extend/plugins/advanced-text… | x_refsource_CONFIRM |
| http://wordpress.org/support/topic/wordpress-adva… | x_refsource_MISC |
Date Public
2011-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102%40advanced-text-widget\u0026old=465828%40advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget",
"refsource": "CONFIRM",
"url": "http://plugins.trac.wordpress.org/changeset?reponame=\u0026new=466102@advanced-text-widget\u0026old=465828@advanced-text-widget"
},
{
"name": "advancedtextwidget-advancedtext-xss(71412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71412"
},
{
"name": "[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/19/6"
},
{
"name": "20120417 Re: Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0119.html"
},
{
"name": "50744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50744"
},
{
"name": "20111121 Wordpress advanced-text-widget Plugin Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520589"
},
{
"name": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/extend/plugins/advanced-text-widget/changelog/"
},
{
"name": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities",
"refsource": "MISC",
"url": "http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4618",
"datePublished": "2013-01-24T01:00:00.000Z",
"dateReserved": "2011-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:09:19.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}