CVE-2011-4926
EXPLOITED NUCLEIAdminimize < 1.7.22 - Cross-Site Scripting via Page Parameter
Title source: llmExploitation Summary
CVE-2011-4926 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Am!r. A Nuclei detection template is also available.
AI-analyzed exploit summary This is a vulnerability writeup describing a cross-site scripting (XSS) flaw in the Adminimize WordPress plugin. The issue arises from improper sanitization of user-supplied input in the 'page' parameter, allowing arbitrary script execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Exploits (1)
This is a vulnerability writeup describing a cross-site scripting (XSS) flaw in the Adminimize WordPress plugin. The issue arises from improper sanitization of user-supplied input in the 'page' parameter, allowing arbitrary script execution in the context of the affected site.