WordPress Pay Per Media Player Plugin <= 1.24 - Multiple XSS

2014-06-2300:00:00

Prajal Kulkarni

patchstack.com

0.002 Low

EPSS

Percentile

61.0%

Because of these vulnerabilities in payper/payper.php, the attackers to inject arbitrary web script or HTML.

Solution

           Update the plugin.

CPENameOperatorVersion
pay per media playerle1.24

CPE	Name	Operator	Version
	pay per media player	le	1.24

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4543

0.002 Low

EPSS

Percentile

61.0%

Related for PATCHSTACK:83AA026CCF360BF4DA27781DA5A70E27