CVE-2011-5182

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf.

🔗 References (10)

cve@mitrehttp://www.securityfocus.com/archive/1/520574/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/520678/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/50746
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/71411
cve@mitrehttps://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/520574/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/520678/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/50746
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/71411
af854a3a-2127-422b-91ae-364da2661108https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities

Is Your Infrastructure Affected by CVE-2011-5182?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-5182

📅 Published

🔄 Last Modified

🔗 References (10)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-5182?