The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.
References
Link | Resource |
---|---|
https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/ | Third Party Advisory |
https://wordpress.org/plugins/wp-vipergb/#developers | Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-28T11:20:03
Updated: 2019-08-28T11:20:03
Reserved: 2019-08-27T00:00:00
Link: CVE-2015-9356
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-28T12:15:11.200
Modified: 2019-08-30T19:45:22.400
Link: CVE-2015-9356
JSON object: View
Redhat Information
No data.
CWE