Lucene search
HistoryAug 31, 2015 - 6:59 p.m.
CVE-2015-6535
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.1%
Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML via the Profile name field (youtube_embed_name parameter).
Affected configurations
Node
youtube_embed_projectyoutube_embedRange≤3.3.2wordpress
Related
patchstack
patchstack
WordPress YouTube Embed Plugin <= 3.3.2 - XSS
2015-08-20 00:00:00
prion
prion
Cross site scripting
2015-08-31 18:59:00
cve
cve
CVE-2015-6535
2015-08-31 18:59:09
packetstorm
packetstorm
WordPress YouTube Embed 3.3.2 Cross Site Scripting
2015-08-26 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2015-6535
2015-08-31 18:00:00
zdt
zdt
WordPress YouTube Embed 3.3.2 Cross Site Scripting Vulnerability
2015-08-27 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.1%
Related for NVD:CVE-2015-6535