Vulnerabilities

CVE-2015-2807

by Fred · 01/09/2015

Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.

Date published : 2015-09-01

https://wordpress.org/plugins/navis-documentcloud/changelog/

http://seclists.org/fulldisclosure/2015/Aug/78

Related

Tags: Cybersecurity Alert