📦

pay-with-tweet

Vendor: wordpress

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 0 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 3.01% Exploit Prob.

Latest CVE CVE-2012-5350 Oct 09

Security Vulnerability Index

Page 1 / 1

6.0 CVSS

CVE-2012-5350

Exploit Found

SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in a paywithtweet shortcode.

EPSS: 1.47%

Severity: MEDIUM

Oct 09, 2012

2.6 CVSS

CVE-2012-5349

Exploit Found

Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.

EPSS: 4.55%

Severity: LOW

Oct 09, 2012

Displaying 2 of 4 Total Entries

Total 1 Sections