Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified HTML header fields to (1) 400.php, (2) 403.php, or (3) 403.php.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N
Vendors Products
Ait-pro
  • Bulletproof-security
Wordpress
  • Wordpress

Configuration 1 [-]

AND
OR cpe:2.3:a:ait-pro:bulletproof-security:*:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.4:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.5:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.6:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.7:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.8:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.45.9:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.1:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.2:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.3:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.4:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.5:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.6:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.7:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.8:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.46.9:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.1:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.2:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.3:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.4:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.5:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.6:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.7:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.8:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.47.9:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.1:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.2:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.3:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.4:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.5:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.6:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.7:*:*:*:*:*:*:*
cpe:2.3:a:ait-pro:bulletproof-security:.48.8:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
References
Link Resource
http://osvdb.org/95928
http://osvdb.org/95929
http://osvdb.org/95930
http://secunia.com/advisories/53614 Vendor Advisory
http://wordpress.org/plugins/bulletproof-security/changelog
http://www.securityfocus.com/bid/61583
https://exchange.xforce.ibmcloud.com/vulnerabilities/86160
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: flexera

Published: 2014-03-03T16:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2013-05-07T00:00:00

Link: CVE-2013-3487

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2014-03-03T16:55:03.977

Modified: 2017-08-29T01:33:24.217

Link: CVE-2013-3487

JSON object: View

cve-icon Redhat Information

No data.

CWE