CVE-2014-4845
Vulnerability summary: The BannerMan WordPress plugin (version 0.2.4) is affected by a cross-site scripting (XSS) flaw in the wp-admin/options-general.php workflow, exploitable via the bannerman_background parameter. This can allow a remote attacker to inject arbitrary web script or HTML into the...