CVE-2014-4568

CVE-2014-4568

EPSS 1.6%

Cross-site scripting (XSS) vulnerability in posts/videowhisper/r_logout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://codevigilant.com/disclosure/wp-plugin-video-posts-webcam-recorder-a3-cross-site-scripting-xss https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=839990%40video-posts-webcam-recorder&old=686450%40video-posts-webcam-recorder&sfp_email=&sfph_mail=