Lucene search
K

5 matches found

securityvulns
securityvulns
added 2014/10/14 12:0 a.m.66 views

Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin

Advisory ID: HTB23234 Product: EWWW Image Optimizer WordPress plugin Vendor: Shane Bishop Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without technical details Vendor Notification: September 17, 2014 Vendor Patch: September 24, 2014...

4.3CVSS6.3AI score0.02064EPSS
Exploits3
Cvelist
Cvelist
added 2014/10/10 2:0 p.m.18 views

CVE-2014-6243

Cross-site scripting XSS vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngo...

5.7AI score0.02064EPSS
Exploits3References5
CVE
CVE
added 2014/10/10 2:0 p.m.53 views

CVE-2014-6243

The CVE-2014-6243 vulnerability affects the WordPress plugin EWWW Image Optimizer, specifically versions prior to 2.0.2. A reflected Cross-Site Scripting (XSS) flaw exists in the ewww-image-optimizer.php page when crafting the page parameter passed to wp-admin/options-general.php. The error messa...

4.3CVSS5.8AI score0.02064EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2014/10/10 12:0 a.m.63 views

WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting Vulnerability

WordPress EWWW Image Optimizer plugin version 2.0.1 suffers from a cross site scripting vulnerability. Product: EWWW Image Optimizer WordPress plugin Vendor: Shane Bishop Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without technical...

6.7AI score0.02064EPSS
Exploits3
Packet Storm
Packet Storm
added 2014/10/09 12:0 a.m.54 views

WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting

Advisory ID: HTB23234 Product: EWWW Image Optimizer WordPress plugin Vendor: Shane Bishop Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without technical details Vendor Notification: September 17, 2014 Vendor Patch: September 24, 2014...

4.3CVSS0.02064EPSS
Exploits3
Rows per page
Query Builder