Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2012-10-09 08:55
Updated : 2017-08-28 18:32
NVD link : CVE-2012-5349
Mitre link : CVE-2012-5349
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
wordpress
- wordpress
- pay-with-tweet