oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)

From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 27 Jul 2012 02:12:52 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/24/2012 01:26 AM, Henri Salo wrote:

Hello,

Can we assign 2012 CVE-identifier for XSS vulnerability in
WordPress plugin Count Per Day, thanks.

Original advisory:
http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt 
OSVDB: http://osvdb.org/show/osvdb/83491 Secunia advisory:
http://secunia.com/advisories/49692/ Vendor page:
http://www.tomsdimension.de/wp-plugins/count-per-day SCM:
http://plugins.trac.wordpress.org/changeset/571926/count-per-day#file22

 Fixed in version 3.2 of the plugin, which I manually verified.

- Henri Salo



Sorry forgot to about this one. Please use CVE-2012-3434 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQEk2EAAoJEBYNRVNeJnmTlyUP/ivkklXhU+nObX/T80m9ujIF
JJcoejmbkl8kVsBhezT0wm8vKKKJpgHAvI/7M/IrEBw2OAXjQETWCkxWqOAGvgyG
zFXsFSFPpVYyOtrfTdF4PIE+6rw54rT/n0FOSwZa3MyrDEFRydzreUzpovDm32b3
xeAuXu0wixgxCr4p6RmuKbeFIoInIJhwBKf2NgcUP1DumjIGru0yryLwg7kI+FaK
wTlgHNEuCiWN5tPvHd5EmVMi9KPTDiRFpaylSUvu28O6aaV4FPtlSd7TVseuyEz2
Fkv0R/kUgimmoBtfN0K79nTgkLTZ79ETGQWC7uwH6lQLCd3wYRbUdn6XvLiE3+r0
euEoeWVitEec0RnZns/xpULuXZvL0tbwBdCyQ1ipbmeY3fVyYrSE84hgb3SOddbi
MEBZODZgsiK5UUL6d3mxRPHYwTHxs6ZJyd1AHbXAZjX0smJ7+t0e/Lfd1JiDZaqP
IzDeRZDSXwjzhBfIEMfzK+fjbCSa5lZA0Ufc7dRzvjzz0uAWobOLWEOexvYpMjZZ
vetfsKz0PDbg/9gajz2SsTMQk47MS3w882igYzkIq/pDgHiJQkKh/Rl/8bglfNpn
HwNnlcl3XYzuGMrHAb2zSKhe11TPprMe+OK0+dNwprZx6lEqnDbLgM+8tHYevThp
Oe9yvBL8mx/xKX3PhTj8
=cUhC
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: