Description

Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-9035

Related Vulnerabilities

WebLogic CVE-2023-22108 Vulnerability (CVE-2023-22108)

PHP Improper Input Validation Vulnerability (CVE-2015-3330)

WordPress 4.0.x Cross-Site Scripting Vulnerability (4.0 - 4.0.8)

MySQL CVE-2020-2901 Vulnerability (CVE-2020-2901)

WordPress Plugin Companion Auto Update Cross-Site Scripting (2.9.3)

Severity

Medium

Classification

CVE-2014-9035 CWE-707

Tags

Missing Update Known Vulnerabilities