7 matches found
CVE-2015-9423
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload PlugneditBGColor, PlugneditEditorMargin, plugneditwidth, pnemedcount, or plugneditcontent parameters...
CVE-2015-9422
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload plugneditwidth, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters...
CVE-2015-9423
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload PlugneditBGColor, PlugneditEditorMargin, plugneditwidth, pnemedcount, or plugneditcontent parameters...
Code injection
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload PlugneditBGColor, PlugneditEditorMargin, plugneditwidth, pnemedcount, or plugneditcontent parameters...
CVE-2015-9423
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload PlugneditBGColor, PlugneditEditorMargin, plugneditwidth, pnemedcount, or plugneditcontent parameters...
CVE-2015-9422
The CVE-2015-9422 entry concerns the PlugNedit Adaptive Editor WordPress plugin prior to 6.2.0. The vulnerability is a CSRF that can yield XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load and the parameters plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditE...
CVE-2015-9422
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simplefieldsfieldtypepostdialogload plugneditwidth, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters...