Lucene search
MitreCVELIST:CVE-2014-4570HistoryJul 02, 2014 - 6:00 p.m.
CVE-2014-4570
2014-07-0218:00:00
mitre
www.cve.org
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in vp/.
References
codevigilant.com/disclosure/wp-plugin-videowhisper-video-presentation-a3-cross-site-scripting-xss
www.securityfocus.com/bid/69511
plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=839980%40videowhisper-video-presentation&old=600781%40videowhisper-video-presentation&sfp_email=&sfph_mail=#file4
Related
cve
cve
CVE-2014-4570
2014-07-02 18:55:09
openvas
openvas
WordPress VideoWhisper Video Presentation Cross Site Scripting Vulnerability
2014-08-26 00:00:00
wpvulndb
wpvulndb
prion
prion
Cross site scripting
2014-07-02 18:55:00
patchstack
patchstack
WordPress VideoWhisper Video Presentation Plugin <= 3.30 - Multiple XSS
2014-06-23 00:00:00
nvd
nvd
CVE-2014-4570
2014-07-02 18:55:09