Page 3 of 21 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-4127 – Church Admin < 0.810 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-4127
22 May 2015 — Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/. Vulnerabilidad de XSS en el plugin church_admin anterior a 0.810 para WordPress permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro address, tal y como fue demostrado mediante una solicit... • https://www.exploit-db.com/exploits/37112 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •