Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2011-0740

Published: 02/02/2011 Updated: 17/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Pleer

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the rss_url parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

pleer rss_feed_reader 0.1

Vendor Advisories

Debian CVElist Bug Report Logs: magpierss: CVE-2011-0740 Cross-site scripting vulnerability in scripts/magpie_slashbox.php
Debian Bug report logs - #611940 magpierss: CVE-2011-0740 Cross-site scripting vulnerability in scripts/magpie_slashboxphp Package: magpierss; Maintainer for magpierss is Debian PHP PEAR Maintainers <pkg-php-pear@listsaliothdebianorg>; Reported by: Jonathan Wiltshire <jmw@debianorg> Date: Thu, 3 Feb 2011 22:51:0 ...

Exploits

Exploit DB: WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/45997/info The RSS Feed Reader WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This c ...

References

CWE-79http://osvdb.org/70644http://www.securityfocus.com/bid/45997http://www.autosectools.com/Advisories/WordPress.RSS.Feed.Reader.for.WordPress.0.1_Reflected.Cross-site.Scripting_82.htmlhttp://secunia.com/advisories/43071https://exchange.xforce.ibmcloud.com/vulnerabilities/64949https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611940https://nvd.nist.govhttps://www.exploit-db.com/exploits/35261/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook