moxiecode plupload vulnerabilities and exploits

(subscribe to this query)

Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload prior to 1.5.5, as used in WordPress prior to 3.5.1 and other products, allows remote malicious users to inject arbitrary web script or HTML via the id parameter.

Moxiecode Plupload Moxiecode Plupload 1.4.0 Moxiecode Plupload 1.4.1 Moxiecode Plupload 1.4.2 Moxiecode Plupload 1.4.3 Moxiecode Plupload 1.5.0 Moxiecode Plupload 1.5.1 Moxiecode Plupload 1.5.2 Moxiecode Plupload 1.5.3 Wordpress Wordpress Wordpress Wordpress 0.71 Wordpress Wordpress 1.0

Plupload prior to 1.5.4, as used in wp-includes/js/plupload/ in WordPress prior to 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote malicious users to bypass the Same Origin Policy via crafted content.

Moxiecode Plupload Moxiecode Plupload 1.4.0 Moxiecode Plupload 1.4.1 Moxiecode Plupload 1.4.2 Moxiecode Plupload 1.4.3 Moxiecode Plupload 1.5.0 Moxiecode Plupload 1.5.1 Moxiecode Plupload 1.5.2 Wordpress Wordpress Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1

Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x prior to 4.1.2 and other products, allows remote malicious users to execute same-origin JavaScript functions via the ...

Debian Debian Linux 7.0 Debian Debian Linux 8.0 Wordpress Wordpress 3.9.0 Wordpress Wordpress 3.9.1 Wordpress Wordpress 3.9.2 Wordpress Wordpress 3.9.3 Wordpress Wordpress 4.0 Wordpress Wordpress 4.0.1 Wordpress Wordpress 4.1 Wordpress Wordpress 4.1.1

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook