Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin

Advisory ID: HTB23187 Product: Ad-minister Wordpress plugin Vendor: henrikmelin, kalstrom Vulnerable Versions: 0.6 and probably prior Tested Version: 0.6 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...

Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin

High-Tech Bridge Security Research Lab discovered vulnerability in Ad-minister Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Ad-minister Wordpress plugin: CVE-2013-6993 The vulnerability exists due to insufficient sanitisation ...