WordPress plupload Cross-Site Scripting Vulnerability - Windows

WordPress is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Wordpress Ephox Plupload Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed in PHP language, which supports setting up personal blog sites on PHP and MySQL servers.Ephox Plupload is a Web browser-based file upload module from Ephox, which supports displaying upload progress, automatic image...

CVE-2015-3439

CVE-2015-3439 affects WordPress usage of Ephox/Moxiecode Plupload’s plupload.flash.swf shim 2.1.2, enabling cross-site scripting via the target parameter in the flash shim. Affected products/versions include WordPress 3.9.x, 4.0.x and 4.1.x before 4.1.2; root cause is a same-origin JavaScript fun...

CVE-2015-3439

Cross-site scripting XSS vulnerability in the Ephox formerly Moxiecode plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as...