CVE-2014-9031 in WordPress
Sumário (Inglês)
Cross-site scripting (XSS) vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post.
Reservar
20/11/2014
Divulgação
25/11/2014
Inscrições
VulDB provides additional information and datapoints for this CVE: