EUVD-2013-6792

Malware in sbrugna...

WP Cron DashBoard <= 1.1.5 - Reflected Cross-Site Scripting (XSS)

The WP-Cron Dashboard WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...

Cross-Site Scripting &#40;XSS&#41; in WP-Cron Dashboard Wordpress plugin

Advisory ID: HTB23189 Product: WP-Cron Dashboard Wordpress plugin Vendor: OKAMOTO Wataru Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 5, 2013 without technical details Vendor Notification: December 5, 2013 Public Disclosure: December 26, 2013...

CVE-2013-6991

Cross-site scripting XSS vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php...

CVE-2013-6991

The CVE covers WP-Cron Dashboard WordPress plugin vulnerability (versions ≤ 1.1.5) where the procname parameter submitted to /wp-admin/tools.php is not properly sanitized, allowing reflected XSS in the administrator’s browser. Impact is arbitrary HTML/JavaScript execution within the affected site...

Cross-Site Scripting (XSS) in WP-Cron Dashboard Wordpress plugin

High-Tech Bridge Security Research Lab discovered vulnerability in WP-Cron Dashboard Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in WP-Cron Dashboard Wordpress plugin: CVE-2013-6991 The vulnerability exists due to insufficient...