CVE-2011-5107

CVE Database · CVE-2011-5107

CVE-2011-5107

· N/AModified

CVSS v3.1

N/A

EPSS

8.77%

Published

Aug 23, 2012

Modified

Apr 28, 2026

Public PoC / Exploit (3)

All weaponized →

Exploit-DBWordPress Plugin Alert Before Your Post - 'name' Cross-Site Scripting NucleiNuclei detection template TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Weaknesses (CWE)

CWE-79

Affected Products (2)

wordpress · alert_before_you_postvulnerable

wordpress · wordpress

References (6)

http://www.securityfocus.com/archive/1/520590/100/0/threaded

http://www.securityfocus.com/bid/50743

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/71413

http://www.securityfocus.com/archive/1/520590/100/0/threaded

http://www.securityfocus.com/bid/50743

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/71413

KEV Catalog EPSS Scores Vendors All CVEs