CVE-2012-2916
WordPress <2.1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in the SABRE plugin before 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the active_option parameter to wp-admin/tools.php.
References (5)
Scores
EPSS
0.0019
EPSS Percentile
39.9%
Classification
CWE
CWE-79
Status
published
Affected Products (23)
dlo/simple_anti_bot_registration_engine_plugin
< 1.2.0
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
dlo/simple_anti_bot_registration_engine_plugin
... and 8 more
Timeline
Published
May 21, 2012
Tracked Since
Feb 18, 2026