3 matches found
CVE-2014-8087
Cross-site scripting XSS vulnerability in the post highlights plugin before 2.6.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the txt parameter in a headline action to ajax/phsave.php...
CVE-2014-8087
Cross-site scripting XSS vulnerability in the post highlights plugin before 2.6.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the txt parameter in a headline action to ajax/phsave.php...
CVE-2014-8087
CVE-2014-8087 corresponds to a stored XSS in the WordPress Post Highlights plugin (versions before 2.6.1). The vulnerability allows an attacker to inject arbitrary script/HTML via the txt parameter used in a headline action to ajax/ph_save.php. Public records consistently cite the affected compon...