Lucene search
MitreCVELIST:CVE-2013-3529HistoryMay 10, 2013 - 9:00 p.m.
CVE-2013-3529
2013-05-1021:00:00
mitre
www.cve.org
Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.
References
packetstormsecurity.com/files/121030/WordPress-FuneralPress-1.1.6-Cross-Site-Scripting.html
plugins.trac.wordpress.org/changeset?old_path=%2Fwp-funeral-press&old=690038&new_path=%2Fwp-funeral-press&new=690038
seclists.org/fulldisclosure/2013/Mar/282
secunia.com/advisories/52809
wordpress.org/extend/plugins/wp-funeral-press/changelog/
www.exploit-db.com/exploits/24914
www.securityfocus.com/bid/58790
exchange.xforce.ibmcloud.com/vulnerabilities/83188
Related
cve
cve
CVE-2013-3529
2013-05-10 21:55:02
wpvulndb
wpvulndb
FuneralPress 1.1.6 - Stored XSS
2014-08-01 10:58:59
prion
prion
Cross site scripting
2013-05-10 21:55:00
patchstack
patchstack
WordPress FuneralPress Plugin 1.1.6 - Persistent XSS
2013-04-02 00:00:00
nvd
nvd
CVE-2013-3529
2013-05-10 21:55:02