CVE-2011-3864

Published Sep 28, 2011

Last updated a year ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD99CC47-91CA-4E74-B219-D9778D8CB57F",
            "versionEndIncluding": "2.7.8"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "859346F0-5DB2-485C-869A-02862675A9E1"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5589D1EE-23F6-4AE9-9120-EF5359D9414E"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A92DFB58-F74A-4C5C-A7AC-7BC75ED762FB"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8306C68E-75AF-49C6-BB36-47F5FAA9F7E1"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32ACFD71-96F9-4964-8A75-9CDB2352E5C4"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72104D21-C932-4B4B-AD15-C222F4436007"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66149665-A926-418D-B7B4-2BDF5D8CCD20"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "033E1E88-6AA3-446A-9961-88087FF81AF0"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43463FFD-69E0-4EAC-9C55-5AE3276C0445"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32A94112-FA7B-472F-ACA8-9A18DE20A675"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "303E02DD-A43A-4D0F-9F75-8A1C3BD45DF0"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1AC5A3E-41A7-489E-8219-4AC93430846F"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3731D1F7-5D99-4FE2-B53F-5CE44C15BDAF"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CA30AEE-7C55-42AD-BEAB-0F34EAFDB780"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BAC4209-AEE9-4213-A796-CFCBD259FD01"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "915C9925-4F7D-4224-924D-B099D451E059"
          },
          {
            "criteria": "cpe:2.3:a:somadesign:the_erudite:2.7.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99227F92-5619-4F4C-8CF6-F31413D64995"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References