Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2016-05-22T01:00:00
Updated: 2024-08-06T00:32:25.823Z
Reserved: 2016-05-07T00:00:00
Link: CVE-2016-4566
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2016-05-22T01:59:30.247
Modified: 2016-12-02T22:56:16.877
Link: CVE-2016-4566
Redhat
No data.