CVE-2014-4582

CVE-2014-4582 affects WordPress installations using the WP Consultant plugin ≤1.0. Vulnerability exists in admin/admin_show_dialogs.php, allowing remote attackers to inject arbitrary web script or HTML via the dialog_id parameter (XSS). Impact is described as script/HTML injection; exploitation s...