2 matches found
CVE-2014-4586
Multiple cross-site scripting XSS vulnerabilities in the wp-football plugin 1.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the league parameter to 1 footballclassification.php, 2 footballcriteria.php, 3 templates/templatedefaultpreview.php, or 4...
CVE-2014-4586
The CVE-2014-4586 entry refers to multiple XSS vulnerabilities in the wp-football WordPress plugin (versions 1.1 and earlier). The issues allow remote attackers to inject arbitrary web script or HTML via parameters in several scripts: league in football_classification.php, football_criteria.php, ...