Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:51
Updated: 2022-10-03T16:15:51
Reserved: 2022-10-03T00:00:00
Link: CVE-2015-1879
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-02-19T15:59:20.440
Modified: 2015-02-20T18:49:30.713
Link: CVE-2015-1879
JSON object: View
Redhat Information
No data.
CWE