RSS   Vulnerabilities for 'Youtube embed'   RSS

2015-08-31
 
CVE-2015-6535

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML via the Profile name field (youtube_embed_name parameter).

 


Copyright 2019, cxsecurity.com

 

Back to Top