Test Kennung:	1.3.6.1.4.1.25623.1.0.803372
Kategorie:	Web application abuses
Titel:	WordPress Traffic Analyzer Plugin XSS Vulnerability
Zusammenfassung:	This host is running WordPress with Traffic Analyzer plugin and;is prone to cross site scripting vulnerability.
Beschreibung:	Summary: This host is running WordPress with Traffic Analyzer plugin and is prone to cross site scripting vulnerability. Vulnerability Insight: The input passed via 'aoid' parameters to '/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php' script is not properly validated. Vulnerability Impact: Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Affected Software/OS: WordPress Traffic Analyzer Plugin version 3.3.2 and prior Solution: Update to WordPress Traffic Analyzer Plugin version 3.4.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 58948 Common Vulnerability Exposure (CVE) ID: CVE-2013-3526 http://www.securityfocus.com/bid/58948 http://packetstormsecurity.com/files/121167/WordPress-Traffic-Analyzer-Cross-Site-Scripting.html http://osvdb.org/92197 http://secunia.com/advisories/52929 XForce ISS Database: wp-trafficanalyzer-taloaded-xss(83311) https://exchange.xforce.ibmcloud.com/vulnerabilities/83311
Copyright	This script is Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.