CVE-2014-4550 (ninja)

Cross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.

View Full Alert

Related Posts

  • CVE-2014-10381

    The user-domain-whitelist plugin before 1.5 for WordPress has CSRF. View Full Alert

  • CVE-2014-10376

    The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection. View Full Alert

  • CVE-2014-10377

    The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php. View Full Alert