VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 10, 2011· Updated Apr 29, 2026

CVE-2011-3127

CVE-2011-3127

Description

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • WordPress/WordPress5 versions
    cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:*
    • (no CPE)range: <3.1.3, <3.2 Beta 2
    Package: https://wordpress.org/plugins/wordpress

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.