Lucene search
HiphopPATCHSTACK:65C7609DEA84F976FB833B39F895EFFBHistoryMar 11, 2013 - 12:00 a.m.
WordPress PodPress Plugin - Cross Site Scripting
2013-03-1100:00:00
hiphop
patchstack.com
10
0.001 Low
EPSS
Percentile
44.9%
WordPress PodPress plugin’s “playerID” parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication credentials. Other attacks are also possible.
Solution
Update the plugin.
References
Related
prion
prion
Cross site scripting
2020-01-28 20:15:00
packetstorm
packetstorm
WordPress podPress 8.8.10.13 Cross Site Scripting
2013-03-29 00:00:00
cve
cve
CVE-2013-2714
2020-01-28 20:15:11
wpvulndb
wpvulndb
cvelist
cvelist
CVE-2013-2714
2020-01-28 19:30:31
nvd
nvd
CVE-2013-2714
2020-01-28 20:15:11
securityvulns
securityvulns
WordPress podPress Plugin XSS in SWF
2013-05-06 00:00:00