CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2012-2920 – User Photo <= 0.9.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-2920
Cross-site scripting (XSS) vulnerability in the userphoto_options_page function in user-photo.php in the User Photo plugin before 0.9.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to wp-admin/options-general.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función userphoto_options_page de user-photo.php del complemento User Photo en versiones anteriores a la 0.9.5.2 de WordPress. Permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de PATH_INFO de wp-admin/options-general.php. NOTA: algunos de estos detalles han sido obtenidos de información procedente de terceras partes. • http://osvdb.org/81806 http://plugins.trac.wordpress.org/changeset?old_path=%2Fuser-photo&old=541880&new_path=%2Fuser-photo&new=541880 http://secunia.com/advisories/49100 http://wordpress.org/extend/plugins/user-photo/changelog http://www.securityfocus.com/bid/53449 https://exchange.xforce.ibmcloud.com/vulnerabilities/75496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 1CVE-2013-1916 – User Photo <= 0.9.4 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2013-1916
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved. En el plugin User Photo de WordPress 0.9.4, cuando es subida una foto, sólo es comprobada parcialmente y es posible cargar una puerta trasera en el servidor que aloja WordPress. Este backdoor puede ser llamado (ejecutado) incluso si la foto aún no ha sido aprobada • https://www.exploit-db.com/exploits/16181 https://plugins.trac.wordpress.org/changeset/347137 https://wordpress.org/plugins/user-photo/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •