Lucene search
K

4 matches found

securityvulns
securityvulns
added 2015/10/26 12:0 a.m.85 views

CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins

Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 Pending CWE ID: CWE-79 CVSS: 5.5 Medium; AV:N/AC:L/Au:S/C:P/I:P/A:N Description ================ A stored XSS vulnerability in YouTube Embed 3.3.2 and...

3.5CVSS0.8AI score0.01277EPSS
Exploits2
CVE
CVE
added 2015/08/31 6:0 p.m.49 views

CVE-2015-6535

This CVE concerns WordPress YouTube Embed plugin (software: YouTube Embed; version 3.3.2, potentially earlier) with a stored XSS in includes/options-profiles.php. The vulnerability arises from unsanitized input in the Profile name field (youtube_embed_name parameter), allowing an admin user to in...

3.5CVSS5.9AI score0.01277EPSS
Exploits2References4Affected Software1
0day.today
0day.today
added 2015/08/27 12:0 a.m.56 views

WordPress YouTube Embed 3.3.2 Cross Site Scripting Vulnerability

WordPress YouTube Embed plugin version 3.3.2 suffers from a stored cross site scripting vulnerability. Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 Pending CWE ID: CWE-79 CVSS: 5.5 Medium;...

3.5CVSS5.9AI score0.01277EPSS
Exploits2
Packet Storm
Packet Storm
added 2015/08/26 12:0 a.m.55 views

WordPress YouTube Embed 3.3.2 Cross Site Scripting

Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 Pending CWE ID: CWE-79 CVSS: 5.5 Medium; AV:N/AC:L/Au:S/C:P/I:P/A:N Description ================ A stored XSS vulnerability in YouTube Embed 3.3.2 and...

3.5CVSS6.7AI score0.01277EPSS
Exploits2
Rows per page
Query Builder