25 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 t parameter to iframe-googlefont-preview.php or the 2 text parameter to iframe-font-preview.php...
CVE-2014-6444
Multiple cross-site scripting XSS vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 t parameter to iframe-googlefont-preview.php or the 2 text parameter to iframe-font-preview.php...
CVE-2014-6444
The CVE-2014-6444 entry concerns the WordPress Titan Framework plugin (versions before 1.6). The root cause is insufficient input validation in two script endpoints: iframe-googlefont-preview.php (parameter t) and iframe-font-preview.php (parameter text), enabling reflected cross-site scripting (...
CVE-2014-6444
Multiple cross-site scripting XSS vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 t parameter to iframe-googlefont-preview.php or the 2 text parameter to iframe-font-preview.php...
WordPress Titan Framework Plugin <= 1.5 - Multiple XSS
Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the "t" parameter to iframe-googlefont-preview.php or the "text" parameter to iframe-font-preview.php. Solution Update the plugin...