CVE-2010-4277
Embedded Video <= 4.1 - Cross-Site Scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in lembedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter to wp-admin/post.php.
Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en lembedded-video.php en el plugin Embedded Video v4.1 para WordPress permite a atacantes remotos inyecatar código web o HTML de su elección a través del parámetro content en wp-admin/post.php.
Cross-site scripting (XSS) vulnerability in embedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter to wp-admin/post.php.
Embedded Video WordPress Plugin suffers from a cross site scripting vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-11-17 CVE Reserved
- 2010-12-17 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/archive/1/515345/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/45486 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/64214 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Jovelstefan Search vendor "Jovelstefan" | Embedded-video Search vendor "Jovelstefan" for product "Embedded-video" | 4.1 Search vendor "Jovelstefan" for product "Embedded-video" and version "4.1" | - |
Affected
| in | Wordpress Search vendor "Wordpress" | Wordpress Search vendor "Wordpress" for product "Wordpress" | * | - |
Safe
|