61 matches found
WordPress 4.4.x < 4.4.14 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.1.x < 4.1.22 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 3.8.x < 3.8.25 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.3.x < 4.3.15 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.6.x < 4.6.10 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.8.x < 4.8.5 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.2.x < 4.2.19 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 3.9.x < 3.9.23 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 3.7.x < 3.7.25 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress 4.5.x < 4.5.13 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the detected WordPress application is affected by a cross-site scripting vulnerability in the Flash fallback files in MediaElement under wp-includes/js/mediaelement. Note that the scanner has not tested for these issues but has instead relied only on...
WordPress < 4.9.2 MediaElement.js Flash Fallback XSS
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.2. It is, therefore, affected by a cross-site scripting vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid106304; scriptversion"1.11"...
Zomato: Outdated MediaElement.js Reflected Cross-Site Scripting (XSS)
I took a quick look at the business-blog.zomato.com wordpress installation, and found that it was quite outdated. Version 4.2.4 as far as I could tell A pretty famous XSS attack exists for Wordpress versions below 4.5.2 that allows for reflected cross site scripting. More details can be found her...
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2 (see CVE-2013-1967)
More info at https://contao.org/en/news/contao-3515.html...
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2 (see CVE-2013-1967)
More info at https://contao.org/en/news/contao-3515.html...
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2 (see CVE-2013-1967)
More info at https://contao.org/en/news/contao-3515.html...
WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)
Binary data 9387.prm...
CVE-2016-4567
Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...
CVE-2016-4567
Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...
DEBIAN-CVE-2016-4567
Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...
Cross site scripting
Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...