ThreatPress

WordPress Vulnerabilities Database

Back

WordPress SWFUpload Plugin <= 3.5.1 - XSS

Product
SWFUpload
Description
This plugin is prone to a cross site scripting vulnerability.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
CVE Mitre
CVE
Name CVE-2013-2205
Versions
Affected In <= 3.5.1
Fixed In 3.5.2
Disclosure date
2013-02-19
Credits
Jan Lieskovsky