CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-100007 – HK Exif Tags <= 1.11 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-100007
Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin before 1.12 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information. Vulnerabilidad de XSS en el plugin HK Exif Tags anterior a 1.12 para WordPress permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una etiqueta EXIF. NOTA: algunos de estos detalles se obtienen de información de terceras partes. Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin before 1.12 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via an EXIF tag. • http://secunia.com/advisories/57753 https://exchange.xforce.ibmcloud.com/vulnerabilities/92555 https://wordpress.org/plugins/hk-exif-tags/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •