Description

Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-9035

Related Vulnerabilities

Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349)

PHP Other Vulnerability (CVE-2007-1375)

Envoy Proxy Reachable Assertion Vulnerability (CVE-2022-29228)

WordPress Plugin Swipe Checkout for WP e-Commerce Multiple Cross-Site Scripting Vulnerabilities (3.1.0)

Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016)

Severity

Medium

Classification

CVE-2014-9035 CWE-707

Tags

Missing Update Known Vulnerabilities