CVE-2015-6238 in Google Analyticator Plugininformación

Resumen (Inglés)

Multiple cross-site scripting (XSS) vulnerabilities in the Google Analyticator plugin before 6.4.9.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) ga_adsense, (2) ga_admin_disable_DimentionIndex, (3) ga_downloads_prefix, (4) ga_downloads, or (5) ga_outbound_prefix parameter in the google-analyticator page to wp-admin/admin.php.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

2015-08-14

Divulgación

2015-09-21

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
77981Google Analyticator Plugin admin.php secuencias de comandos en sitios cruzados79No está definidoArreglo oficialCVE-2015-6238

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!