Description
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Remediation
References
Related Vulnerabilities
MySQL CVE-2017-10284 Vulnerability (CVE-2017-10284)
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43946)
MySQL CVE-2013-1548 Vulnerability (CVE-2013-1548)
WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0)
WordPress Plugin Random image gallery with pretty photo zoom Cross-Site Scripting (7.4)