WordPress Plugin Pay With Tweet SQL Injection and Cross-Site Scripting Vulnerabilities - CVE-2012-5349
WordPress Plugin Pay With Tweet is prone to an SQL injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Pay With Tweet version 1.1 is vulnerable; other versions may also be affected.