CVE-2011-5191

Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter, a different vulnerability than CVE-2011-5192.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:*:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.13:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.15:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.16:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.17:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.18:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.19:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.20:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.21:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.22:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.23:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.24:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.25:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.26:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.27:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.28:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.29:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.30:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.31:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.32:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.33:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.34:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.35:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.36:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.38:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.39:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.41:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.42:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.43:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.44:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.45:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.46:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.47:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.48:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.49:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.50:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.51:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.52:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.53:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.55:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.4.56:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:blairwilliams:pretty_link_lite_plugin:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

History

21 Nov 2024, 01:33

Type Values Removed Values Added
References () http://plugins.trac.wordpress.org/changeset/473693/pretty-link - Exploit, Patch () http://plugins.trac.wordpress.org/changeset/473693/pretty-link - Exploit, Patch
References () http://wordpress.org/extend/plugins/pretty-link/changelog/ - Vendor Advisory () http://wordpress.org/extend/plugins/pretty-link/changelog/ - Vendor Advisory

Information

Published : 2012-09-23 17:55

Updated : 2024-11-21 01:33


NVD link : CVE-2011-5191

Mitre link : CVE-2011-5191

CVE.ORG link : CVE-2011-5191


JSON object : View

Products Affected

wordpress

  • wordpress

blairwilliams

  • pretty_link_lite_plugin
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')