CVE-2013-2204
The CVE-2013-2204 entry affects moxieplayer.as in Moxiecode moxieplayer, used in the TinyMCE Media plugin for WordPress prior to 3.5.2 (and other products). The root cause is the extraction of QUERY_STRING failing to account for a trailing # in the string, enabling remote attackers to pass arbitr...