ID de Prueba:	1.3.6.1.4.1.25623.1.0.804048
Categoría:	Web application abuses
Título:	WordPress Recommend to a friend Plugin <= 2.0.2 XSS Vulnerability
Resumen:	The WordPress plugin 'Recommend to a friend' is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: The WordPress plugin 'Recommend to a friend' is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: Flaw is due to an improper validation of user supplied input to the 'current_url' parameter in 'raf_form.php' script. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Affected Software/OS: WordPress Recommend to a friend Plugin version 2.0.2, Other versions may also be affected. Solution: Updates are available. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7276 http://packetstormsecurity.com/files/124587/WordPress-Recommend-Cross-Site-Scripting.html http://osvdb.org/101487 http://secunia.com/advisories/56209 XForce ISS Database: wp-recommendafriend-rafform-xss(89989) https://exchange.xforce.ibmcloud.com/vulnerabilities/89989
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.