EUVD-2015-2895

Malware in sbrugna...

WordPress Navis DocumentCloud Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language, which supports personal blogging sites on servers running PHP and MySQL.Navis DocumentCloud is one of the plug-ins that allows journalists to analyze, annotate, and publish documents. A...

CVE-2015-2807

Cross-site scripting XSS vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter...

CVE-2015-2807

The CVE-2015-2807 issue affects the WordPress Navis DocumentCloud plugin, specifically versions before 0.1.1. The vulnerability resides in the js/window.php file where the wpbase parameter is used, enabling a reflected cross-site scripting (XSS) attack. An attacker can inject arbitrary script/HTM...

CVE-2015-2807

Cross-site scripting XSS vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter...

WordPress Navis DocumentCloud 0.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Details ================ Software: Navis DocumentCloud Version: 0.1 Homepage: https://wordpress.org/plugins/navis-documentcloud/ Advisory report:...

WordPress Navis DocumentCloud 0.1 Cross Site Scripting

Details ================ Software: Navis DocumentCloud Version: 0.1 Homepage: https://wordpress.org/plugins/navis-documentcloud/ Advisory report: https://security.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/ CVE: CVE-2015-2807 CVSS: 6.4 Medium;...