Lucene search
K

131 matches found

Hacker One
Hacker One
added 2017/04/17 6:53 a.m.19 views

WordPress: Multiple stored XSS in WordPress

Enguerran discovered a way to store payloads that would trigger XSS in the MediaElement Flash and Silverlight files that were bundled with WordPress. We coordinated a fix with MediaElement, and moved the files from WordPress Core to an optional plugin, since most users no longer needed them...

1.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2017/03/12 1:59 a.m.27 views

CVE-2017-6814

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting XSS via Media File Metadata. This is demonstrated by both 1 mishandling of the playlist shortcode in the wpplaylistshortcode function in wp-includes/media.php and 2 mishandling of meta information in the renderTracks function ...

5.4CVSS6.5AI score0.03016EPSS
Exploits1References6
OSV
OSV
added 2017/03/12 1:59 a.m.21 views

CVE-2017-6814

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting XSS via Media File Metadata. This is demonstrated by both 1 mishandling of the playlist shortcode in the wpplaylistshortcode function in wp-includes/media.php and 2 mishandling of meta information in the renderTracks function ...

5.4CVSS5.9AI score
Exploits0References9
Cvelist
Cvelist
added 2017/03/12 1:0 a.m.30 views

CVE-2017-6814

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting XSS via Media File Metadata. This is demonstrated by both 1 mishandling of the playlist shortcode in the wpplaylistshortcode function in wp-includes/media.php and 2 mishandling of meta information in the renderTracks function ...

5.5AI score0.03016EPSS
Exploits1References9
Veracode
Veracode
added 2017/02/13 5:32 a.m.6 views

Cross-site Scripting (XSS)

mediaelement is vulnerable to cross-site scripting XSS attacks. The library does not sanitize user input, allowing a malicious user to inject and execute arbitrary code...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/10/27 11:5 a.m.15 views

news.ladbrokes.com XSS vulnerability

Open Bug Bounty ID: OBB-189259 Description| Value ---|--- Affected Website:| news.ladbrokes.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/10/26 5:54 p.m.8 views

es.nethive.com XSS vulnerability

Vulnerable URL: https://es.nethive.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/08/05 12:24 p.m.12 views

press.parkwind.eu XSS vulnerability

Vulnerable URL: https://press.parkwind.eu/blog/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/08/05 12:10 p.m.9 views

pers.livecomedy.be XSS vulnerability

Vulnerable URL: https://pers.livecomedy.be/blog/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/08/05 11:59 a.m.9 views

emirates.com XSS vulnerability

Vulnerable URL: http://www.emirates.com/media-centre/blog/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| Yes, at 24.08.2016 Latest check for patch:| 24.08.2016 03:50 GMT Vulnerability type:| XSS Vulnerabili...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/07/27 8:24 a.m.9 views

drpimplepopper.com XSS vulnerability

Open Bug Bounty ID: OBB-169912 Description| Value ---|--- Affected Website:| drpimplepopper.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/07/10 2:23 p.m.8 views

orthodonticsolution.com XSS vulnerability

Open Bug Bounty ID: OBB-165370 Description| Value ---|--- Affected Website:| orthodonticsolution.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/28 10:53 p.m.13 views

museomaranello.ferrari.com XSS vulnerability

Vulnerable URL: http://museomaranello.ferrari.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/19 4:54 a.m.21 views

allegro.naszkornik.pl XSS vulnerability

Open Bug Bounty ID: OBB-154644 Description| Value ---|--- Affected Website:| allegro.naszkornik.pl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/19 4:30 a.m.11 views

optus-labs.com XSS vulnerability

Vulnerable URL: http://optus-labs.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 04.04.2017 Latest check for patch:| 04.04.2017 02:00 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/18 8:1 p.m.16 views

access.aol.com XSS vulnerability

Vulnerable URL: http://access.aol.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 02.06.2016 Latest check for patch:| 02.06.2016 18:10 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 8:32 p.m.9 views

rdprojects.bitdefender.com XSS vulnerability

Vulnerable URL: https://rdprojects.bitdefender.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 25.07.2016 Latest check for patch:| 25.07.2016 19:11 GMT Vulnerability type:| XSS Vulnerability status:|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 8:25 p.m.14 views

avg.co.kr XSS vulnerability

Vulnerable URL: http://www.avg.co.kr/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 1:34 p.m.20 views

blog.telefonica.de XSS vulnerability

Vulnerable URL: https://blog.telefonica.de/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 20.09.2017 Latest check for patch:| 20.09.2017 08:44 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 1:6 p.m.15 views

cashclearing.societegenerale.com XSS vulnerability

Vulnerable URL: http://cashclearing.societegenerale.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...

6.3AI score
Exploits0
Rows per page
Query Builder