Lucene search
K

4 matches found

NVD
NVD
added 2017/09/11 8:29 p.m.24 views

CVE-2015-8350

Multiple cross-site scripting XSS vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 open-tab parameter in a wpctaglobalsettings action to wp-admin/edit.php or 2 wp-cta-variation-id parameter to...

6.1CVSS6.2AI score0.02645EPSS
Exploits3References4
CVE
CVE
added 2017/09/11 8:0 p.m.52 views

CVE-2015-8350

CVE-2015-8350 covers two XSS vulnerabilities in the WordPress plugin Calls to Action prior to 2.5.1. The flaws arise from unsanitized input in two GET parameters: open-tab (wp_cta_global_settings action, used in wp-admin/edit.php) and wp-cta-variation-id (in ab-testing-call-to-action-example/). T...

6.1CVSS6.1AI score0.02645EPSS
Exploits3References4Affected Software1
0day.today
0day.today
added 2015/12/03 12:0 a.m.49 views

WordPress Calls To Action 2.4.3 Cross Site Scripting Vulnerability

WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability. Product: Calls to Action WordPress plugin Vendor: InboundNow Vulnerable Versions: 2.4.3 and probably prior Tested Version: 2.4.3 Advisory Publication: October 7, 2015 without technical details Vendor...

4.3CVSS6.2AI score0.02645EPSS
Exploits3
Packet Storm
Packet Storm
added 2015/12/02 12:0 a.m.56 views

WordPress Calls To Action 2.4.3 Cross Site Scripting

Advisory ID: HTB23274 Product: Calls to Action WordPress plugin Vendor: InboundNow Vulnerable Versions: 2.4.3 and probably prior Tested Version: 2.4.3 Advisory Publication: October 7, 2015 without technical details Vendor Notification: October 7, 2015 Vendor Patch: October 27, 2015 Public...

0.3AI score0.02645EPSS
Exploits3
Rows per page
Query Builder