Cross site scripting

2015-06-3014:59:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.1%

JSON

Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

CPENameOperatorVersion
slider_revolutioneq4.2.2

CPE	Name	Operator	Version
	slider_revolution	eq	4.2.2

References

packetstormsecurity.com/files/132366/WordPress-Revslider-4.2.2-XSS-Information-Disclosure.html

www.securityfocus.com/bid/75303