CVE-2014-4602
The CVE-2014-4602 entry concerns the WordPress XEN Carousel plugin (version 0.12.2 and earlier). The vulnerability is an XSS flaw in the admin asset xencarousel-admin.js.php, exploitable via the path or ajaxpath parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected...