RSS   Vulnerabilities for 'Pay per media player'   RSS

2014-07-02
 
CVE-2014-4543

 

 
Multiple cross-site scripting (XSS) vulnerabilities in payper/payper.php in the Pay Per Media Player plugin 1.24 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) fcolor, (2) links, (3) stitle, (4) height, (5) width, (6) host, (7) bcolor, (8) msg, (9) id, or (10) size parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top