CVE-2014-4603

2014-07-02T14:55:11
ID CVE-2014-4603
Type cve
Reporter NVD
Modified 2015-09-02T13:15:48

Description

Multiple cross-site scripting (XSS) vulnerabilities in yupdates_application.php in the Yahoo! Updates for WordPress plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) secret, (2) key, or (3) appid parameter.