CVE-2012-5349

CVE Database · CVE-2012-5349

CVE-2012-5349

· N/AModified

CVSS v3.1

N/A

EPSS

3.03%

Published

Oct 9, 2012

Modified

Apr 28, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBWordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.

Weaknesses (CWE)

CWE-79

Affected Products (2)

wordpress · pay-with-tweetvulnerable

wordpress · wordpress

References (12)

http://secunia.com/advisories/47475

Vendor Advisory

http://wordpress.org/extend/plugins/pay-with-tweet/changelog/

http://www.exploit-db.com/exploits/18330

Exploit

http://www.osvdb.org/78205

http://www.securityfocus.com/bid/51308

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/72166

http://secunia.com/advisories/47475

Vendor Advisory

http://wordpress.org/extend/plugins/pay-with-tweet/changelog/

http://www.exploit-db.com/exploits/18330

Exploit

KEV Catalog EPSS Scores Vendors All CVEs