CVE-2014-4847
CVE-2014-4847 concerns a cross-site scripting (XSS) flaw in the WordPress plugin “Random Banner” version 1.1.2.1. The vulnerability allows a remote attacker to inject arbitrary web script or HTML via the buffercode_RBanner_url_banner1 parameter in an update action to wp-admin/options.php. Affecte...