CVE-2012-2633

WassUp <1.8.3.1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

References (6)

Scores

EPSS 0.0030
EPSS Percentile 52.6%

Classification

CWE
CWE-79
Status published

Affected Products (9)

wordpress/wassup_plugin < 1.8.3
wordpress/wassup_plugin
wordpress/wassup_plugin
wordpress/wassup_plugin
wordpress/wassup_plugin
wordpress/wassup_plugin
wordpress/wassup_plugin
wordpress/wassup_plugin
n/a/n/a

Timeline

Published Jun 15, 2012
Tracked Since Feb 18, 2026