CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2014-4724 – Custom Banners < 2.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-4724
29 Jun 2014 — Cross-site scripting (XSS) vulnerability in the Custom Banners plugin 1.2.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the custom_banners_registered_name parameter to wp-admin/options.php. Vulnerabilidad de XSS en el plugin Custom Banners 1.2.2.2 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro custom_banners_registered_name en wp-admin/options.php. Cross-site scripting (XSS) vulnerability in the ... • http://packetstormsecurity.com/files/127291/WordPress-Custom-Banners-1.2.2.2-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •