Lucene search
K

61 matches found

UbuntuCve
UbuntuCve
added 2016/05/22 1:59 a.m.39 views

CVE-2016-4567

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

6.1CVSS6.4AI score0.06405EPSS
Exploits0References3
Prion
Prion
added 2016/05/22 1:59 a.m.24 views

Cross site scripting

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

4.3CVSS6AI score0.06405EPSS
Exploits0References9Affected Software2
CVE
CVE
added 2016/05/22 1:0 a.m.87 views

CVE-2016-4567

CVE-2016-4567 describes a cross-site scripting (XSS) flaw in MediaElement.js (flash/FlashMediaElement.as) before version 2.21.0, as used in WordPress up to 4.5.2. An attacker can inject arbitrary script/HTML via an obfuscated value of the jsinitfunction parameter (example: jsinitfunctio%gn). The ...

6.1CVSS5.9AI score0.06405EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2016/05/22 1:0 a.m.28 views

CVE-2016-4567

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

6AI score0.06405EPSS
Exploits0References9
EUVD
EUVD
added 2016/05/22 1:0 a.m.4 views

EUVD-2022-1928

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

6.1CVSS6AI score0.06405EPSS
Exploits0References18
Debian CVE
Debian CVE
added 2016/05/22 1:0 a.m.48 views

CVE-2016-4567

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

6.1CVSS6.1AI score0.06405EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/05/17 12:0 a.m.14 views

WordPress < 4.5.2 Multiple XSS Vulnerabilities (May 2016) - Linux

WordPress is prone to multiple cross-site scripting XSS vulnerabilities in third-party libraries. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

6.1CVSS6.3AI score0.06405EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/05/17 12:0 a.m.25 views

WordPress < 4.5.2 Multiple XSS Vulnerabilities (May 2016) - Windows

WordPress is prone to multiple cross-site scripting XSS vulnerabilities in third-party libraries. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

6.1CVSS6.4AI score0.06405EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.106 views

WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.5.2. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability, known as ImageTragick, exists in the ImageMagick library due to a...

10CVSS7.5AI score0.97485EPSS
Exploits13References9
Tenable Nessus
Tenable Nessus
added 2016/05/11 12:0 a.m.22 views

FreeBSD : wordpress -- multiple vulnerabilities (3686917b-164d-11e6-94fa-002590263bf5)

Helen Hou-Sandi reports : WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.5.1 and earlier are affected by a SOME vulnerability through Plupload, the third-party library...

6.1CVSS6AI score0.06405EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2016/05/10 9:0 a.m.13 views

WordPress 4.5.2 Security Release

WordPress vulnerabilities continue to be a magnet for hackers laden with exploit kits, and as recently as February, crippling ransomware attacks. As a result, WordPress has already released three security updates this year, the latest for the content management system coming last Friday, bringing...

7.8AI score
Exploits0References9
CNVD
CNVD
added 2016/05/09 12:0 a.m.20 views

WordPress 'MediaElement.js' Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the MediaElement.js file in WordPress versions 4.2 through...

6.1CVSS5.8AI score0.06405EPSS
Exploits0References1
Patchstack
Patchstack
added 2016/05/07 12:0 a.m.24 views

WordPress <= 2.20.9 - XSS

This vulnerability in flash/FlashMediaElement.as in MediaElement.js allows an attacker to inject arbitrary web script or HTML via the query string. Solution Update WordPress...

6.1CVSS2AI score0.06405EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2016/05/06 12:0 a.m.25 views

WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)

...

4.3CVSS2.1AI score0.06405EPSS
Exploits0References3Affected Software1
FreeBSD
FreeBSD
added 2016/05/06 12:0 a.m.29 views

wordpress -- multiple vulnerabilities

Helen Hou-Sandi reports: WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.5.1 and earlier are affected by a SOME vulnerability through Plupload, the third-party library...

1.7AI score
Exploits0References2
NVD
NVD
added 2014/02/05 3:10 p.m.14 views

CVE-2013-1967

Cross-site scripting XSS vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter...

4.3CVSS5.6AI score0.02214EPSS
Exploits1References8
Prion
Prion
added 2014/02/05 3:10 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter...

4.3CVSS6.1AI score0.02214EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2014/02/05 3:0 p.m.44 views

CVE-2013-1967

Cross-site scripting XSS vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter...

6AI score0.02214EPSS
Exploits1References8
CVE
CVE
added 2014/02/05 3:0 p.m.69 views

CVE-2013-1967

CVE-2013-1967 describes a Cross-site scripting (XSS) vulnerability in flashmediaelement.swf used by MediaElement.js before 2.11.2. The flaw affects ownCloud Server deployments, specifically 5.0.x before 5.0.5 and 4.5.x before 4.5.10, where an attacker can inject arbitrary script or HTML via the f...

4.3CVSS5.9AI score0.02214EPSS
Exploits1References8Affected Software2
OwnCloud
OwnCloud
added 2013/04/19 6:5 p.m.42 views

XSS Vulnerability in MediaElement.js - ownCloud

A cross-site scripting XSS vulnerability in all ownCloud versions prior to 5.0.5 including the 4.5.x branch allows remote attackers to execute arbitrary javascript when a user opens a special crafted URL. This vulnerability exists in the bundled 3rdparty plugin "MediaElement.js", "MediaElement.js...

4.3CVSS5.9AI score0.02214EPSS
Exploits1Affected Software1
Rows per page
Query Builder