24 matches found
CVE-2018-5312
The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...
Design/Logic Flaw
The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...
Cross site scripting
Cross-site scripting XSS vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the posttitle parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview...
CVE-2012-6692
Cross-site scripting XSS vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the posttitle parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview...