CVE-2014-6444 – Titan Framework <= 1.5.2 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2014-6444

07 Oct 2014 — Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php. Múltiples vulnerabilidades de XSS en el plugin Titan Framework en versiones anteriores a 1.6 para WordPress permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) t en iframe-g... • https://research.g0blin.co.uk/cve-2014-6444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •