Description
Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.
Remediation
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2006-0147)
WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Cross-Site Scripting (2.1.0.1)
MySQL CVE-2022-21357 Vulnerability (CVE-2022-21357)
WordPress Plugin Contus HD FLV Player 'uploadVideo.php' Arbitrary File Upload (1.7)
Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)