ID de Prueba:	1.3.6.1.4.1.25623.1.0.100944
Categoría:	Web application abuses
Título:	WordPress Twitter Feed Plugin 'url' Parameter Cross Site Scripting Vulnerability
Resumen:	The Twitter Feed Plugin for WordPress is prone to a cross-site; scripting vulnerability because it fails to properly sanitize user-supplied input.
Descripción:	Summary: The Twitter Feed Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Vulnerability Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Affected Software/OS: Twitter Feed 0.3.1 is vulnerable. Other versions may also be affected. Solution: Remove Older version of Twitter Feed Plugin and Install Twitter Feed plugin version 1.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4825 BugTraq ID: 45294 http://www.securityfocus.com/bid/45294 http://www.johnleitch.net/Vulnerabilities/WordPress.Twitter.Feed.0.3.1.Reflected.Cross-site.Scripting/68 http://www.osvdb.org/69760 http://secunia.com/advisories/42542 XForce ISS Database: twitterfeed-url-xss(63942) https://exchange.xforce.ibmcloud.com/vulnerabilities/63942
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.