Cross-Site Scripting Vulnerability in Media Library Categories Plugin for WordPress
CVE-2012-6630

Currently unrated

Key Information:

Vendor: Wordpress
Status: Media Library Categories
Vendor: CVE Published:; 16 January 2014

Summary

The Media Library Categories plugin version 1.1.1 for WordPress contains multiple cross-site scripting vulnerabilities. These vulnerabilities can be exploited by remote attackers through the 'bulk' parameter in the add.php script or the 'q' parameter in the view.php script. Successful exploitation allows attackers to inject arbitrary web scripts or HTML, potentially compromising the security of user data and the integrity of the website.

References

http://packetstormsecurity.org/files/112697/WordPress-Med...

x_refsource_MISC

http://secunia.com/advisories/49170

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 16, 2014