4 matches found
CVE-2014-4855
Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...
CVE-2014-4855
Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...
CVE-2014-4855
Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...
CVE-2014-4855
Polylang WordPress plugin (before 1.5.2) is affected by a stored XSS via the user description field. The vulnerability allows remote injection of script/HTML; affected component is the Polylang plugin for WordPress, prior to version 1.5.2. Remediation observed in sources is to update to 1.5.2 or ...