1 results (0.012 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter. Vulnerabilidad de XSS en res/fake_twitter/frame.php en el plugin 'verwei.se - WordPress - Twitter' (verweise-wordpress-twitter) 1.0.2 y anteriores para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro base. • http://codevigilant.com/disclosure/wp-plugin-verweise-wordpress-twitter-a3-cross-site-scripting-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •