CVE-2013-4693
CVE-2013-4693 affects the WordPress plugin Xorbin Digital Flash Clock 1.0. The vulnerability is a Flash-based XSS in the plugin’s frontend due to the xorDigitalClock.swf component, where the external input taken from the widgetUrl parameter is passed into getURL. This causes injected script execu...