Lucene search
Nicolas Buzy-DebatPATCHSTACK:2EBF0A885F8901E179242A717EB988ECHistoryJan 30, 2018 - 12:00 a.m.
WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability
2018-01-3000:00:00
Nicolas Buzy-Debat
patchstack.com
6
0.002 Low
EPSS
Percentile
51.8%
Cross-Site Scripting (XSS) vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin (versions <=2.1). Possible remote injection of arbitrary web script or HTML via the search parameter to wp-admin/upload.php.
Solution
Update the WordPress Splashing Images plugin to the latest available version (at least 2.1.1).
| CPE | Name | Operator | Version |
|---|---|---|---|
| splashing images | le | 2.1 |
Related
cvelist
cvelist
CVE-2018-6194
2018-01-30 20:00:00
cve
cve
CVE-2018-6194
2018-01-30 20:29:00
wpvulndb
wpvulndb
Splashing Images <= 2.1 - Cross-Site Scripting (XSS)
2018-01-26 00:00:00
prion
prion
Cross site scripting
2018-01-30 20:29:00
nvd
nvd
CVE-2018-6194
2018-01-30 20:29:00
packetstorm
packetstorm
WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection
2018-01-26 00:00:00