CVE-2012-3434

N/A Unknown

Published: August 15, 2012 Modified: April 29, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php in the Count Per Day module before 3.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) datemin, or (3) datemax parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://plugins.trac.wordpress.org/changeset/571926/count-per-day

Source: secalert@redhat.com

Exploit Patch

http://secunia.com/advisories/49692

Source: secalert@redhat.com

Exploit Vendor Advisory

http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt

Source: secalert@redhat.com

Exploit

http://www.openwall.com/lists/oss-security/2012/07/24/4

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/07/27/2

Source: secalert@redhat.com

http://www.osvdb.org/83491

Source: secalert@redhat.com

Exploit

http://www.tomsdimension.de/wp-plugins/count-per-day

Source: secalert@redhat.com

http://plugins.trac.wordpress.org/changeset/571926/count-per-day