Cross-site scripting (XSS) vulnerability in assets/player.swf in the Audio Player plugin before 2.0.4.6 for Wordpress allows remote attackers to inject arbitrary web script or HTML via the playerID parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2013-02-06 21:56
Updated : 2016-12-07 19:03
NVD link : CVE-2013-1464
Mitre link : CVE-2013-1464
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
doryphores
- audio_player
wordpress
- wordpress