ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Organizer Plugin 1.2.1 - Multiple Security Vulnerabilities

Product
Organizer
Description
WordPress Organizer plugin is prone to a cross-site scripting, information disclosure and directory-traversal vulnerabilities. These vulnerabilities allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the browser, also, disclose sensitive information.
Solution
Update the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-2012-6512
Versions
Affected In <= 1.2.1
Fixed In 1.2.2
Disclosure date
2012-06-15
Credits
MustLive