RSS   Vulnerabilities for 'Mingle forum'   RSS

2014-03-28
 
CVE-2013-0734

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top