EUVD-2015-4360

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Cross-site scripting vulnerability in XCloner plugin allows remote users to inject web script.

Reporter	Title	Published	Views	Family All 9
CNVD	WordPress plugin XCloner cross-site scripting vulnerability	8 Jun 201500:00	–	cnvd
CVE	CVE-2015-4337	17 Jun 201518:00	–	cve
Cvelist	CVE-2015-4337	17 Jun 201518:00	–	cvelist
NVD	CVE-2015-4337	17 Jun 201518:59	–	nvd
Packet Storm	WordPress XCloner 3.1.2 XSS / Command Execution	31 May 201500:00	–	packetstorm
Patchstack	WordPress XCloner Plugin <= 3.1.2 - XSS	5 Jun 201500:00	–	patchstack
Prion	Cross site scripting	17 Jun 201518:59	–	prion
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	8 Jun 201500:00	–	securityvulns
WPVulnDB	XCloner - Backup and Restore 3.1.2 - XSS & Command Execution	10 May 201500:00	–	wpvulndb

[
  {
    "enisaIdVendor": [
      {
        "id": "962dc775-4fbf-3e0d-a3e7-467e846bd7cf",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "84c14777-a478-3c9d-a545-01319d287356",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2015-4337
securityfocus	www.securityfocus.com/bid/74943
packetstormsecurity	www.packetstormsecurity.com/files/132107/WordPress-XCloner-3.1.2-XSS-Command-Execution.html
vapid	www.vapid.dhs.org/advisory.php
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 23.5

EPSS0.00179