CVE-2014-3870

2014-05-2714:00:00

mitre

www.cve.org

cross-site scripting

wordpress

plugin

vulnerability

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.8%

JSON

Cross-site scripting (XSS) vulnerability in the bib2html plugin 0.9.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the styleShortName parameter in an adminStyleAdd action to OSBiB/create/index.php.

References

packetstormsecurity.com/files/126782/wpbib2html-xss.txt

www.securityfocus.com/bid/67589