podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS

The podpress WordPress plugin was affected by a players/1pixelout/1pixeloutplayer.swf playerID Parameter XSS security vulnerability...

WordPress podPress 8.8.10.13 Cross Site Scripting

Exploit Title: WordPress podPress Plugin XSS in SWF Release Date: 28/03/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/podpress.8.8.10.17.zip Tested on: XPsp3 Affected version: 8.8.10.13 before Goog...

WordPress Plugin podPress - 'playerID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58421/info The podPress plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...