RSS   Vulnerabilities for 'Spotlightyour'   RSS

2014-07-02
 
CVE-2014-4552

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the paymentType parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top