CVE-2011-0740
published 2011-02-02CVE-2011-0740: Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary…
PriorityP423medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
4.66%
90.6th percentile
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| magpierss_project | magpierss | >= 0 < 0.72-10ubuntu1 | 0.72-10ubuntu1 |
| magpierss_project | magpierss | >= 0 < 0.72-11 | 0.72-11 |
| pleer | rss_feed_reader | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-492v-8jgq-fj65: Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox
ghsa_unreviewed·2022-05-17
CVE-2011-0740 [MEDIUM] CWE-79 GHSA-492v-8jgq-fj65: Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
OSV
CVE-2011-0740: Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox
osv·2011-02-02·CVSS 4.3
CVE-2011-0740 [MEDIUM] CVE-2011-0740: Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
No detection rules found.
Bugzilla
CVE-2011-0740 php-magpierss: XSS vulnerability
bugzilla·2011-02-02·CVSS 4.3
CVE-2011-0740 [MEDIUM] CVE-2011-0740 php-magpierss: XSS vulnerability
CVE-2011-0740 php-magpierss: XSS vulnerability
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0740 to
the following vulnerability:
Name: CVE-2011-0740
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0740
Assigned: 20110201
Reference: http://www.autosectools.com/Advisories/WordPress.RSS.Feed.Reader.for.WordPress.0.1_Reflected.Cross-site.Scripting_82.html
Reference: http://www.securityfocus.com/bid/45997
Reference: http://osvdb.org/70644
Reference: http://secunia.com/advisories/43071
Reference: http://xforce.iss.net/xforce/xfdb/64949
Cross-site scripting (XSS) vulnerability in
magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for
WordPress allows remote attackers to inject arbitrary web script or
HTML via the rss_url parameter.
Note that this wo
Bugzilla
CVE-2011-0740 php-magpierss: XSS vulnerability [fedora-all]
bugzilla·2011-02-02·CVSS 4.3
CVE-2011-0740 [MEDIUM] CVE-2011-0740 php-magpierss: XSS vulnerability [fedora-all]
CVE-2011-0740 php-magpierss: XSS vulnerability [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=674679
Please note: this issue affects multiple supported vers
Bugzilla
CVE-2011-0740 php-magpierss: XSS vulnerability [epel-all]
bugzilla·2011-02-02·CVSS 4.3
CVE-2011-0740 [MEDIUM] CVE-2011-0740 php-magpierss: XSS vulnerability [epel-all]
CVE-2011-0740 php-magpierss: XSS vulnerability [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=674679
Please note: this issue affects multiple supported versio
http://osvdb.org/70644http://secunia.com/advisories/43071http://www.autosectools.com/Advisories/WordPress.RSS.Feed.Reader.for.WordPress.0.1_Reflected.Cross-site.Scripting_82.htmlhttp://www.securityfocus.com/bid/45997https://exchange.xforce.ibmcloud.com/vulnerabilities/64949http://osvdb.org/70644http://secunia.com/advisories/43071http://www.autosectools.com/Advisories/WordPress.RSS.Feed.Reader.for.WordPress.0.1_Reflected.Cross-site.Scripting_82.htmlhttp://www.securityfocus.com/bid/45997https://exchange.xforce.ibmcloud.com/vulnerabilities/64949
2011-02-02
Published