Vulners
Lucene search
3 matches found
CVE-2014-4604
Cross-site scripting XSS vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter...
4.3CVSS5.8AI score0.01629EPSS
Exploits1References1
Cross site scripting
Cross-site scripting XSS vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter...
4.3CVSS6.2AI score0.01629EPSS
Exploits1References1Affected Software1
WordPress Your Text Manager Plugin <= 0.3.0 - XSS
Because of this vulnerability in settings/pwsettings.php, the attackers can inject arbitrary web script or HTML via the "ytmpw" parameter. Solution Update the plugin...
4.3CVSS2.8AI score0.01629EPSS
Exploits1References1Affected Software1
20