Multiple cross-site scripting (XSS) vulnerabilities in payper/payper.php in the Pay Per Media Player plugin 1.24 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) fcolor, (2) links, (3) stitle, (4) height, (5) width, (6) host, (7) bcolor, (8) msg, (9) id, or (10) size parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pay per media player project pay per media player |