{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T08:38:56.975","vulnerabilities":[{"cve":{"id":"CVE-2012-2759","sourceIdentifier":"cve@mitre.org","published":"2012-05-22T16:55:01.570","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter in a lostpassword action to wp-login.php."},{"lang":"es","value":"Una vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en el plugin \"Login With Ajax\" (tambien conocido como login-with-ajax) antes de v3.0.4.1 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro 'callback' en una acción lostpassword a wp-login.php."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:*:*:*:*:*:*:*:*","versionEndIncluding":"3.0.4","matchCriteriaId":"9D6A458F-46B0-4FC1-B4CD-0E91FA0CF908"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1:*:*:*:*:*:*:*","matchCriteriaId":"CD2BFC69-0881-4F81-92C5-94F90169119A"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"2B6726B3-C5FC-4731-953C-C14FF28A4D5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"F479FF4C-3DC0-4FDD-BB75-619EDDCDF601"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1.3:*:*:*:*:*:*:*","matchCriteriaId":"51200B37-BB98-4279-9E45-87171276EE55"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1.4:*:*:*:*:*:*:*","matchCriteriaId":"24D1A2ED-7EFF-4039-A165-B7B70CE15EA8"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.1.5:*:*:*:*:*:*:*","matchCriteriaId":"68E9C0A4-0D88-4D15-AB3B-0BA4D2791A59"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.2:*:*:*:*:*:*:*","matchCriteriaId":"A08A4525-F020-4E7A-BECB-5D21C9C5236D"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:2.21:*:*:*:*:*:*:*","matchCriteriaId":"0A9C3628-4A5A-45FE-A63E-DCBA3C51A67D"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:3.0:*:*:*:*:*:*:*","matchCriteriaId":"1530AD41-0F8E-4F22-9294-91ECC119BA04"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"17B94D95-E7F2-44EA-9524-BEE59BD67823"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:3.0.2:*:*:*:*:*:*:*","matchCriteriaId":"F10A8857-8D7F-4900-A2FD-6964C3995991"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:3.0.3:*:*:*:*:*:*:*","matchCriteriaId":"AAB426AB-AB03-47B4-8EDA-AADE504324A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:netweblogic:login_with_ajax:3.0b:*:*:*:*:*:*:*","matchCriteriaId":"E6D4FBAE-4196-4745-9F31-73AAA0BE626E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","matchCriteriaId":"847DA578-4655-477E-8A6F-99FBE738E4F9"}]}]}],"references":[{"url":"http://osvdb.org/81712","source":"cve@mitre.org"},{"url":"http://plugins.trac.wordpress.org/changeset/541069","source":"cve@mitre.org"},{"url":"http://wordpress.org/extend/plugins/login-with-ajax/changelog/","source":"cve@mitre.org"},{"url":"http://www.secureworks.com/research/advisories/SWRX-2012-003/","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/53423","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/75470","source":"cve@mitre.org"},{"url":"http://osvdb.org/81712","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://plugins.trac.wordpress.org/changeset/541069","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://wordpress.org/extend/plugins/login-with-ajax/changelog/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.secureworks.com/research/advisories/SWRX-2012-003/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/53423","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/75470","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}