Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackN/APATCHSTACK:A7819AD523301F5FBF2BE9FCA9A5B1E4
HistoryNov 13, 2014 - 12:00 a.m.

WordPress Symposium Plugin <= 14.10 - Multiple XSS

2014-11-1300:00:00
N/A
patchstack.com
13

EPSS

0.002

Percentile

55.3%

JSON

Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the 4 parameters: “compose_text” ( in a sendMail action to ajax/mail_functions.php), “text” (in an addComment action to ajax/profile_functions.php), “comment” (in an add_comment action to ajax/lounge_functions.php), or “name” (in a create_album action to ajax/gallery_functions.php).

Solution

           Update the plugin.

Related

cvelist 1
cve 1
prion 1
nvd 1
wpvulndb 1
cvelist
cvelist
CVE-2014-8809
2014-12-24 18:00:00
cve
cve
CVE-2014-8809
2014-12-24 18:59:03
prion
prion
Cross site scripting
2014-12-24 18:59:00
nvd
nvd
CVE-2014-8809
2014-12-24 18:59:03
wpvulndb
wpvulndb
WP Symposium <= 14.10 - XSS & SQL Injection
2014-11-26 00:00:00

EPSS

0.002

Percentile

55.3%

JSON
Related for PATCHSTACK:A7819AD523301F5FBF2BE9FCA9A5B1E4
cvelist1cve1prion1nvd1wpvulndb1