CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 1CVE-2013-6991 – WP-Cron Dashboard < 1.1.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-6991
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php. Vulnerabilidad de cross-site scripting (XSS) en el plugin WP-Cron Dashboard 1.1.5 y anteriores para WordPress permite a atacantes remotos inyectar scripts web o HTML arbitrarios a través del parámetro procname a wp-admin/tools.php. WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability. • http://wordpress.org/support/topic/wp-cron-dashboard-115-security-vulnerability-notification-xss http://www.securityfocus.com/archive/1/530536/100/0/threaded https://www.htbridge.com/advisory/HTB23189 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •