Lucene search
N/APATCHSTACK:0B9227A00AB60DD2E371EEFE9387A707HistoryAug 20, 2015 - 12:00 a.m.
WordPress YouTube Embed Plugin <= 3.3.2 - XSS
2015-08-2000:00:00
N/A
patchstack.com
7
0.001 Low
EPSS
Percentile
38.1%
The vulnerability exists in includes/options-profiles.php. It allows remote administrator to inject arbitrary web script or HTML via the Profile name field.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| youtube embed | le | 3.3.2 |
Related
prion
prion
Cross site scripting
2015-08-31 18:59:00
cve
cve
CVE-2015-6535
2015-08-31 18:59:09
packetstorm
packetstorm
WordPress YouTube Embed 3.3.2 Cross Site Scripting
2015-08-26 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2015-6535
2015-08-31 18:00:00
zdt
zdt
WordPress YouTube Embed 3.3.2 Cross Site Scripting Vulnerability
2015-08-27 00:00:00
nvd
nvd
CVE-2015-6535
2015-08-31 18:59:09