CVSS: 6.1EPSS: 0%CPEs: 55EXPL: 0CVE-2011-5128 – Adminimize < 1.7.22 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5128
29 Aug 2012 — Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3) inc-options/im_export_options.php, or the (4) post or (5) post_ID parameters to adminimize.php, different vectors than CVE-2011-4926. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS)en el plugin a... • http://plugins.trac.wordpress.org/changeset?reponame=&new=467338%40adminimize&old=466900%40adminimize#file5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 3%CPEs: 55EXPL: 2CVE-2011-4926 – Adminimize <= 1.7.21 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-4926
29 Aug 2012 — Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS)en adminimize/adminimize_page.php en el plugin anterior a v1.7.22 para WordPress permite a atacantes remotos inyectar código web o HTML a través del parámetro page. • https://www.exploit-db.com/exploits/36325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •