CVE-2011-3860

Published Sep 28, 2011

Last updated a year ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBAF6DCD-36B2-4E3A-AC3F-70C69ABFCF8D",
            "versionEndIncluding": "1.6.5"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8FFE575-197B-4642-AB1F-680EE28920BB"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86C4387E-53CD-4E92-BF3C-64412C68648C"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDB4E201-1B1A-44C6-B40C-2340967D0760"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C94FE880-326C-4EF3-99EA-AC73F9D37ABD"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C026683-D5F9-4376-8DBD-65EDBBB53051"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADDAB385-1559-44B6-909B-98F0E0AAA86E"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "207AB4EF-DDC2-4F33-87F4-029C01BC0C8B"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "927AB4AD-0B42-4873-B24F-D080784D1FD1"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF31D66A-D5A3-47C5-AAE7-76259364EA92"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3625724C-E183-4A8A-B5C4-FB0DBD959C8F"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DED329E2-852A-47CE-8AA0-D994DD604AD7"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ADC018F-975A-4B03-925C-3B592CFA39F4"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84409E5F-920C-4A97-95EE-27B4BD88850E"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D249FB37-9F3F-4AA6-9BE1-060EFF194A9D"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CF3F0E0-F6D7-4D50-9E07-8E24035C5569"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "281FFF4A-AC70-4DD4-A9DD-31486B992BC5"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A69140A4-E602-431C-B022-F6AD261D1093"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D521AC3E-80FA-46CA-A7B8-FB25608A9F74"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A67A96A-D0A6-4560-A282-E13179B825D6"
          },
          {
            "criteria": "cpe:2.3:a:onedesigns:cover_wp:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDADF112-AF70-4363-8BE6-ECBF070DC732"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References