CVE-2014-4596

2014-07-02T18:55:00
ID CVE-2014-4596
Type cve
Reporter cve@mitre.org
Modified 2015-08-28T16:35:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in js/button-snapapp.php in the SnapApp plugin 1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) msg or (2) act parameter.