2 matches found
CVE-2014-100027
CVE-2014-100027 concerns the WordPress plugin WP SlimStat. Affected software: WP SlimStat plugin for WordPress, with versions older than 3.5.6. Root cause: cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Impact (as st...
CVE-2015-1204
Summary: WP Slimstat for WordPress is affected by a Cross-Site Scripting (XSS) vulnerability in the Save Filters functionality. The issue allows an attacker to inject arbitrary script or HTML via the fs[resource] parameter on the wp-slim-view-2 page (to wp-admin/admin.php). Affected versions: bef...