Filtered by vendor Spotlightyour Subscriptions
Filtered by product Spotlightyour Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-4552 1 Spotlightyour 1 Spotlightyour 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the paymentType parameter.