ID de Prueba:	1.3.6.1.4.1.25623.1.0.803372
Categoría:	Web application abuses
Título:	WordPress Traffic Analyzer Plugin XSS Vulnerability
Resumen:	The WordPress plugin 'Traffic Analyzer' is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: The WordPress plugin 'Traffic Analyzer' is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: The input passed via 'aoid' parameters to '/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php' script is not properly validated. Vulnerability Impact: Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Affected Software/OS: WordPress Traffic Analyzer Plugin version 3.3.2 and prior Solution: Update to WordPress Traffic Analyzer Plugin version 3.4.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-3526 BugTraq ID: 58948 http://www.securityfocus.com/bid/58948 http://packetstormsecurity.com/files/121167/WordPress-Traffic-Analyzer-Cross-Site-Scripting.html http://osvdb.org/92197 http://secunia.com/advisories/52929 XForce ISS Database: wp-trafficanalyzer-taloaded-xss(83311) https://exchange.xforce.ibmcloud.com/vulnerabilities/83311
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.