CVE-2012-1834 - Vulnerability Details

Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cms Tree Page View Project	Cms Tree Page View

Configuration 1 [-]

OR	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view::::::wordpress::*
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.1a:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.4:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.5:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.6:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.7:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.8:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.4.9:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.4:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.5:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.6:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.5.7:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.6:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.6.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.6.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.6.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.4:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.5:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.6:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.7:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.8:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.9:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.10:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.11:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.12:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.13:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.14:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.15:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.16:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.17:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.18:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.19:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.7.20:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.1:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.2:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.3:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.4:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.5:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.6:::::wordpress::
	cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:0.8.7:::::wordpress::

No data.

References

Link	Providers
http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view
http://secunia.com/advisories/48510
http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/
http://www.osvdb.org/80573
http://www.securityfocus.com/bid/52708
https://exchange.xforce.ibmcloud.com/vulnerabilities/74337
https://www.htbridge.com/advisory/HTB23083

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-04-07T15:00:00

Updated: 2024-08-06T19:08:38.719Z

Reserved: 2012-03-21T00:00:00

Link: CVE-2012-1834

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-04-07T15:55:03.860

Modified: 2024-11-21T01:37:52.180

Link: CVE-2012-1834

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object