VYPR
Unrated severityNVD Advisory· Published Jan 30, 2012· Updated Jun 16, 2026

CVE-2012-0782

CVE-2012-0782

Description

Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether this specific XSS scenario has security relevance

Affected products

74
  • WordPress/WordPress74 versions
    cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*+ 73 more
    • cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*range: <=3.3.1
    • cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:0.72:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*
    • (no CPE)range: <=3.3.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.