2 matches found
Frontend Uploader <= 0.9.2 - Cross-Site Scripting
The Frontend Uploader WordPress plugin prior to v.0.9.2 was affected by an unauthenticated Cross-Site Scripting security vulnerability. id: CVE-2014-9444 info: name: Frontend Uploader = 0.9.2 - Cross-Site Scripting author: daffainfo severity: medium description: The Frontend Uploader WordPress...
CVE-2014-9444
The CVE-2014-9444 entry concerns the WordPress plugin Frontend Uploader (affected version: before 0.9.2). Affected component: errors parameter handling in the default URI, enabling unauthenticated XSS by injecting arbitrary script/HTML. Exploitation details from connected sources indicate an unau...