1 results (0.008 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3CVE-2014-6243 – EWWW Image Optimizer <= 2.0.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-6243
09 Oct 2014 — Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngout error message. Vulnerabilidad de XSS en el plugin EWWW Image Optimizer anterior a 2.0.2 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro e... • https://packetstorm.news/files/id/128621 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •