12 matches found
EUVD-2013-2653
Malware in sbrugna...
CVE-2013-2714
Cross-site Scripting XSS in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter...
Cross site scripting
Cross-site Scripting XSS in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter...
CVE-2013-2714
CVE-2013-2714 concerns a cross-site scripting (XSS) vulnerability in the WordPress podPress plugin (version 8.8.10.13 and prior). The flaw resides in the SWF-based player at /wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf, where the parameter playerID is not properly sanitized...
CVE-2013-2714
Cross-site Scripting XSS in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter...
podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS
The podpress WordPress plugin was affected by a players/1pixelout/1pixeloutplayer.swf playerID Parameter XSS security vulnerability...
WordPress podPress Plugin XSS in SWF
Exploit Title: WordPress podPress Plugin XSS in SWF Release Date: 28/03/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/podpress.8.8.10.17.zip Tested on: XPsp3 Affected version: 8.8.10.13 before Goog...
WordPress podPress 8.8.10.13 Cross Site Scripting
Exploit Title: WordPress podPress Plugin XSS in SWF Release Date: 28/03/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/podpress.8.8.10.17.zip Tested on: XPsp3 Affected version: 8.8.10.13 before Goog...
WordPress Plugin podPress - playerID Cross-Site Scripting
WordPress Plugin podPress - playerID Cross-Site Scripting source: https://www.securityfocus.com/bid/58421/info The podPress plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...
WordPress Plugin podPress - 'playerID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/58421/info The podPress plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WordPress PodPress Plugin - Cross Site Scripting
WordPress PodPress plugin's "playerID" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...
WordPress Dynamic Widgets Plugin 1.5.1 - Cross Site Scripting
WordPress PodPress plugin's "themes.php" is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-base...