CVE-2010-4747 – WordPress Processing Embed <= 0.5.1 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-4747

Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en wordpress-processing-embed/data/popup.php del plugin Processing Embed 0.5 de WordPress. Permite a usuarios remotos inyectar codigo de script web o código HTML de su elección a través del parámetro pluginurl. Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter. • https://www.exploit-db.com/exploits/35066 http://secunia.com/advisories/42545 http://www.johnleitch.net/Vulnerabilities/WordPress.Processing.Embed.0.5.Reflected.Cross-site.Scripting/65 http://www.osvdb.org/69764 http://www.securityfocus.com/bid/45266 https://exchange.xforce.ibmcloud.com/vulnerabilities/63761 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •