Vulnerabilities (CVE)

Filtered by vendor Plupload Subscribe
Filtered by product Plupload
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4566 2 Plupload, Wordpress 2 Plupload, Wordpress 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.