CVE-2011-5082
s2Member® Framework (Membership, Member Level Roles, Access Capabilities, PayPal Members) < 111220 - Cross-Site Scripting
Severity Score: 7.2 (CVSS v3.1)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).
Credits: Chris Martin
Timeline
- 2012-02-12 CVE Published
- 2012-03-19 CVE Reserved
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References (4)
URL | Tag | Source |
---|---|---|
http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982 | X_refsource_confirm | |
http://www.securityfocus.com/bid/51997 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/73202 | Vdb Entry |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/47954 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
S2member | S2member | <= 111216 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110604 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110605 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110606 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110617 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110620 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110708 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110709 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110710 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110731 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110812 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110815 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110912 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110913 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110915 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110926 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 110927 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111002 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111003 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111011 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111017 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111029 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111105 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |
S2member | S2member | 111206 | - | Affected | in | Wordpress | Wordpress | * | - | Safe |