EUVD-2014-4529

Malware in sbrugna...

XEN Carousel < 0.12.2 - XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter

The xen-carousel WordPress plugin was affected by a XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter security vulnerability...

CVE-2014-4602

Multiple cross-site scripting XSS vulnerabilities in xencarousel-admin.js.php in the XEN Carousel plugin 0.12.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 path or 2 ajaxpath parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in xencarousel-admin.js.php in the XEN Carousel plugin 0.12.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 path or 2 ajaxpath parameter...

CVE-2014-4602

The CVE-2014-4602 entry concerns the WordPress XEN Carousel plugin (version 0.12.2 and earlier). The vulnerability is an XSS flaw in the admin asset xencarousel-admin.js.php, exploitable via the path or ajaxpath parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected...

CVE-2014-4602

Multiple cross-site scripting XSS vulnerabilities in xencarousel-admin.js.php in the XEN Carousel plugin 0.12.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 path or 2 ajaxpath parameter...

WordPress XEN Carousel Plugin <= 0.12.2 - Multiple XSS

Because of these multiple vulnerabilities in xencarousel-admin.js.php, the attackers can inject arbitrary web script or HTML via the "ajaxpath" or "path" parameter. Solution Update the plugin...