Back to search
CVE-2015-1436
Published: Feb 16, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easingslider_manage_customizations or (2) easingslider_edit_sliders page to wp-admin/admin.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
wp-easingslider-cve20151436-xss(100861)
vdb-entry
x_refsource_XF
https://wordpress.org/plugins/easing-slider/changelog/
x_refsource_CONFIRM
20150211 Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin
mailing-list
x_refsource_BUGTRAQ
72572
vdb-entry
x_refsource_BID
https://www.htbridge.com/advisory/HTB23249
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now