Published: 07/04/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin prior to 0.8.9 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cms tree page view project cms tree page view 0.8.3
cms tree page view project cms tree page view 0.8.2
cms tree page view project cms tree page view 0.7.16
cms tree page view project cms tree page view 0.7.15
cms tree page view project cms tree page view 0.7.8
cms tree page view project cms tree page view 0.7.7
cms tree page view project cms tree page view 0.6.3
cms tree page view project cms tree page view 0.6.2
cms tree page view project cms tree page view 0.5.3
cms tree page view project cms tree page view 0.5.2
cms tree page view project cms tree page view 0.4.5
cms tree page view project cms tree page view 0.4.4
cms tree page view project cms tree page view 0.1a
cms tree page view project cms tree page view 0.8.1
cms tree page view project cms tree page view 0.8
cms tree page view project cms tree page view 0.7.14
cms tree page view project cms tree page view 0.7.13
cms tree page view project cms tree page view 0.7.6
cms tree page view project cms tree page view 0.7.5
cms tree page view project cms tree page view 0.6.1
cms tree page view project cms tree page view 0.6
cms tree page view project cms tree page view 0.5.1
cms tree page view project cms tree page view 0.5
cms tree page view project cms tree page view 0.4.3
cms tree page view project cms tree page view 0.4.2
cms tree page view project cms tree page view 0.4.1
cms tree page view project cms tree page view
cms tree page view project cms tree page view 0.8.7
cms tree page view project cms tree page view 0.8.6
cms tree page view project cms tree page view 0.7.20
cms tree page view project cms tree page view 0.7.19
cms tree page view project cms tree page view 0.7.12
cms tree page view project cms tree page view 0.7.11
cms tree page view project cms tree page view 0.7.4
cms tree page view project cms tree page view 0.7.3
cms tree page view project cms tree page view 0.7.2
cms tree page view project cms tree page view 0.5.7
cms tree page view project cms tree page view 0.5.6
cms tree page view project cms tree page view 0.4.9
cms tree page view project cms tree page view 0.4.8
cms tree page view project cms tree page view 0.4
cms tree page view project cms tree page view 0.3
cms tree page view project cms tree page view 0.8.5
cms tree page view project cms tree page view 0.8.4
cms tree page view project cms tree page view 0.7.18
cms tree page view project cms tree page view 0.7.17
cms tree page view project cms tree page view 0.7.10
cms tree page view project cms tree page view 0.7.9
cms tree page view project cms tree page view 0.7.1
cms tree page view project cms tree page view 0.7
cms tree page view project cms tree page view 0.5.5
cms tree page view project cms tree page view 0.5.4
cms tree page view project cms tree page view 0.4.7
cms tree page view project cms tree page view 0.4.6
cms tree page view project cms tree page view 0.2
cms tree page view project cms tree page view 0.1

CWE-79 http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/http://www.securityfocus.com/bid/52708 http://www.osvdb.org/80573 http://secunia.com/advisories/48510 https://www.htbridge.com/advisory/HTB23083 http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view https://exchange.xforce.ibmcloud.com/vulnerabilities/74337 https://nvd.nist.gov

Get Started

CVE-2012-1834

Vulnerability Summary

References

Vulmon Search

About

Products

Connect