6 matches found
CVE-2013-1409
Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...
CVE-2013-1409
CVE-2013-1409 affects the WordPress CommentLuv plugin prior to 2.92.4. The vulnerability is a cross-site scripting (XSS) flaw in the _ajax_nonce parameter passed to wp-admin/admin-ajax.php, allowing an attacker to inject arbitrary script/HTML. CVSSv2 base score listed as 4.3 (Medium) with I-P imp...
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...
WordPress CommentLuv 2.92.3 Cross Site Scripting Vulnerability
WordPress CommentLuv version 2.92.3 suffers from a cross site scripting vulnerability. Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public...
WordPress CommentLuv 2.92.3 Cross Site Scripting
Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...
CVE-2013-1409
creationtimestamp| type| source ---|---|--- 2013-02-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38296...