CVE-2014-2333

Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.16:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.15:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.9.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.9:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.3.3:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.3.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.18:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.17.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.12:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.11:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.7:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.14:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.8.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.17.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.6:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.19.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.13:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.17.2:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.10.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.1.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.3.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.4:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.10:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.2.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.19:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.5:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.7.1:*:*:*:*:wordpress:*:*
cpe:2.3:a:marcel_brinkkemper:lazyest-gallery:1.1.3:*:*:*:*:wordpress:*:*

Information

Published : 2014-04-11 07:55

Updated : 2017-08-28 18:34


NVD link : CVE-2014-2333

Mitre link : CVE-2014-2333


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

marcel_brinkkemper

  • lazyest-gallery