16 Fév 2015
CVE-2015-1494
Vulnerability Details : CVE-2015-1494(1 public exploit) The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter in an update action to wp-admin/admin-post.php, as demonstrated by the mfbfw[padding] parameter and exploited in the wild in February 2015. Publish Date : 2015-02-17 Last Update Date : 2015-03-09 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2015-1494
- Number Of Affected Versions By Product
- References For CVE-2015-1494
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2015-1494There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information) |