CVE-2015-9273

The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking.
References
Link Resource
https://www.openwall.com/lists/oss-security/2015/07/30/1 Mailing List Third Party Advisory
https://plugins.trac.wordpress.org/changeset/1204104 Release Notes Third Party Advisory
http://plugins.svn.wordpress.org//wp-slimstat/tags/4.1.6.1/readme.txt Release Notes Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wp-slimstat:slimstat_analytics:*:*:*:*:*:wordpress:*:*

Information

Published : 2018-10-07 10:29

Updated : 2018-11-19 15:20


NVD link : CVE-2015-9273

Mitre link : CVE-2015-9273


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

wp-slimstat

  • slimstat_analytics