5 matches found
EUVD-2015-5678
Malware in sbrugna...
CVE-2015-5732
Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...
CVE-2015-5732
WordPress WP_Nav_Menu_Widget XSS CVE-2015-5732: in wp-includes/default-widgets.php, the form() function allows arbitrary script/HTML via a widget title in WordPress versions before 4.2.4. The vulnerability arises from improper handling of the widget title in the affected widget, enabling remote s...
CVE-2015-5732
Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...
WordPress <= 4.2.3 - XSS #2
This vulnerability exists in the WPNavMenuWidget class in wp-includes/default-widgets.php in the "form" function. It allows remote attackers to inject arbitrary web script or HTML via a widget title. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-2-3-xss Solution...