CVE-2011-5192 – Pretty Link Lite < 1.5.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5192
Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter, a different vulnerability than CVE-2011-5191. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en pretty-Bar.php en el plugin para WordPress Pretty Link Lite antes de v1.5.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro slug. Se trata de una vulnerabilidad diferente a CVE-2011-5191a • http://plugins.trac.wordpress.org/changeset/485819/pretty-link http://secunia.com/advisories/47456 http://wordpress.org/extend/plugins/pretty-link/changelog http://www.securityfocus.com/bid/51306 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-5191 – Pretty Link Lite < 1.5.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5191
Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter, a different vulnerability than CVE-2011-5192. Vulnerabilidad de ejecución de secuencias de comandos (XSS) en pretty-bar.php en Pretty Link Lite plugin antes de v1.5.4 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro slug, una vulnerabilidad diferente de CVE-2011-5192. • http://plugins.trac.wordpress.org/changeset/473693/pretty-link http://wordpress.org/extend/plugins/pretty-link/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •