Lucene search
Larry W. CashdollarPATCHSTACK:051FCAC375671FCBCE1A79B6D58A256DHistoryApr 12, 2016 - 12:00 a.m.
WordPress New Year Firework Plugin <= 1.1.9 - Cross Site Scripting (XSS)
2016-04-1200:00:00
Larry W. Cashdollar
patchstack.com
3
0.001 Low
EPSS
Percentile
46.5%
Because of this vulnerability, the variable text appears to send unsanitized data back to the users browser.
The vulnerable file is /new-year-firework/firework/index.php.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| new year firework | le | 1.1.9 |
Related
wpvulndb
wpvulndb
wpexploit
wpexploit
prion
prion
Cross site scripting
2016-10-10 20:59:00
nvd
nvd
CVE-2016-1000140
2016-10-10 20:59:17
cve
cve
CVE-2016-1000140
2016-10-10 20:59:17
nuclei
nuclei
WordPress New Year Firework <=1.1.9 - Cross-Site Scripting
2021-07-20 23:16:34
cvelist
cvelist
CVE-2016-1000140
2016-10-10 20:00:00