3 matches found
CVE-2014-2333
Cross-site scripting XSS vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information...
CVE-2014-2333
Cross-site scripting XSS vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information...
CVE-2014-2333
CVE-2014-2333 affects the WordPress plugin Lazyest Gallery (pre-1.1.21). The vulnerability is a stored/reflected XSS via an EXIF tag in the image handling code, enabling remote attackers to inject arbitrary script or HTML. Public details come from NVD/NVD-related feeds and WPVulnDB entries; explo...