Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wp_post_id parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2013-05-31 05:20
Updated : 2013-08-27 05:58
NVD link : CVE-2013-3720
Mitre link : CVE-2013-3720
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
feedweb
- feedweb
wordpress
- wordpress