CVE-2012-2916

Published May 21, 2012

Last updated 7 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in the SABRE plugin before 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the active_option parameter to wp-admin/tools.php.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE13D3F3-E164-4B16-8E06-962BEA8D3F3B",
            "versionEndIncluding": "1.2.0"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "694592BA-55D0-43C9-9378-2AAC431D420F"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F665C022-09D9-4B97-91AC-788B9F096132"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70314B83-E77B-4FCB-BCBA-7B2F64A12B6F"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A98C48A1-3B14-41F5-A34D-5A6F83E6D54C"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ED61BE7-230D-41A2-92D7-EB119A20F658"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B671D5D7-07FA-49A7-BA7F-BE023A9DDD9A"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAA3488A-A2E4-44C4-B15E-56FF4B94C35A"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F12AC55-8486-40D1-A5F0-F54F1353F6E5"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22BE1010-77CA-42CE-8B0B-B1986EFD34B1"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43452230-277B-46AC-AF5A-F23C538AA634"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D31948E-4BDD-4F29-A587-589CB3840575"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F18EC542-B6B7-470D-BB1E-AA9264E281C3"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C853BB05-6CB4-494C-8511-522E5F7682CD"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "829700B8-99A3-4BBE-8872-478425C45F04"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3C7F457-3156-4762-9C08-8F29BF6BA46B"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E05BE8DB-A4CE-4B0D-8479-9702EED199BA"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ADA2A6C-E88B-4E80-BE05-4F6C1C0024E2"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6465A881-CBF6-4D0D-BDCC-272620722875"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDA8220A-B5CF-46C0-92CC-B6EF2A046DF0"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "468404D6-B9C8-41B4-96C8-B3FBBCA47CF2"
          },
          {
            "criteria": "cpe:2.3:a:dlo:simple_anti_bot_registration_engine_plugin:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EE1B392-F1F3-4E14-8F6C-253D848439A2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References