Lucene search
MitreCVELIST:CVE-2015-2218HistoryMar 05, 2015 - 4:00 p.m.
CVE-2015-2218
2015-03-0516:00:00
mitre
www.cve.org
Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or the itemid parameter in the (3) wonderplugin_audio_show_item or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php.
Related
cve
cve
CVE-2015-2218
2015-03-05 16:59:01
nvd
nvd
CVE-2015-2218
2015-03-05 16:59:01
prion
prion
Cross site scripting
2015-03-05 16:59:00
patchstack
patchstack
WordPress Audio Player Plugin <= 2.0 - Multiple XSS
2015-03-05 00:00:00
wpvulndb
wpvulndb
WonderPlugin Audio Player 2.0 - Blind SQL Injection & XSS
2015-02-19 00:00:00
kaspersky
kaspersky
KLA10491 Multiple vulnerabilities in WordPress plugins
2015-03-17 00:00:00