Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in the Twitget plugin before 3.3.3 for WordPress allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the twitget_consumer_key parameter to wp-admin/options-general.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-10-17T22:00:00
Updated: 2024-08-06T10:28:46.386Z
Reserved: 2014-04-24T00:00:00
Link: CVE-2014-2995
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-10-17T22:55:04.673
Modified: 2024-11-21T02:07:18.053
Link: CVE-2014-2995
Redhat
No data.