1 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php. Múltiples vulnerabilidades de XSS en el plugin Titan Framework en versiones anteriores a 1.6 para WordPress permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) t en iframe-googlefont-preview.php o (2) text en iframe-font-preview.php. • https://research.g0blin.co.uk/cve-2014-6444 https://wpvulndb.com/vulnerabilities/8233 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •