4 matches found
CVE-2015-5484
Cross-site scripting XSS vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via a post...
CVE-2015-5484
Cross-site scripting XSS vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via a post...
CVE-2015-5484
CVE-2015-5484 is a stored XSS vulnerability in the WordPress Plotly plugin prior to 1.0.3. It allows remote authenticated users to inject arbitrary script/HTML into posts, potentially affecting other site users. Affected component: Plotly WordPress plugin; vulnerability path: XSS via post content...
WordPress Plotly 1.0.2 Cross Site Scripting
Details ================ Software: Plotly Version: 1.0.2 Homepage: http://wordpress.org/plugins/wp-plotly/ Advisory report: https://security.dxw.com/advisories/stored-xss-in-plotly-allows-less-privileged-users-to-insert-arbitrary-javascript-into-posts/ CVE: CVE-2015-5484 CVSS: 6.5 Medium;...