Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php.
References
Link | Resource |
---|---|
https://research.g0blin.co.uk/cve-2014-6444/ | |
https://wpvulndb.com/vulnerabilities/8233 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-01-08T21:00:00
Updated: 2016-01-08T20:57:01
Reserved: 2014-09-16T00:00:00
Link: CVE-2014-6444
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-01-08T21:59:00.120
Modified: 2016-01-12T01:21:16.257
Link: CVE-2014-6444
JSON object: View
Redhat Information
No data.
CWE