CVE-2015-4139
CVE-2015-4139 affects the WordPress plugin WP Smiley (plugin version 1.4.1). The vulnerability is a cross-site scripting (XSS) flaw in the file smilies4wp.php that allows an authenticated remote user to inject arbitrary script/HTML via the s4w-more parameter to wp-admin/options-general.php. The p...