Get a Pentest and security assessment of your IT network.

Request a quote
2021-current

CVE-2014-4535 – Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugi

March 7, 2022

Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4535

Reference (s):

  • http://codevigilant.com/disclosure/wp-plugin-import-legacy-media-a3-cross-site-scripting-xss
2
Share:
Related posts
2021-current

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

October 11, 2025
2021-current

CVE-2014-4743 - Multiple cross-site scripting (XSS) vulnerabilities in (1) search_ajax.tp

March 7, 2022
2021-current

CVE-2014-9838 - magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a

March 7, 2022
2021-current

CVE-2020-10447 - The way URIs are handled in admin/header.php in Chadha PHPKB Standard Mul

March 7, 2022