← voltar
CVE-2007-4104

CVE-2007-4104

EPSS 5.1%
Multiple cross-site scripting (XSS) vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence in the query string.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/30403não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://blogsecurity.net/news/news-130707/http://blogsecurity.net/wordpress/news-260707/http://bueltge.de/plugin-wp-feedstats-in-neuer-version/481/http://marc.info/?l=full-disclosure&m=118548811323718&w=2http://osvdb.org/37259http://secunia.com/advisories/26249https://exchange.xforce.ibmcloud.com/vulnerabilities/35646http://www.securityfocus.com/bid/25085