CVE-2014-4526
Summary (CVE-2014-4526) : The WordPress plugin efence (versions up to and including 1.3.2) is affected by multiple XSS vulnerabilities in callback.php. The attack surface includes parameters: message, zoneid, pubKey, and privKey, enabling remote attackers to inject arbitrary web script/HTML. The ...