Cross-Site Scripting Vulnerability in Custom Banners for WordPress
CVE-2014-4724

Currently unrated

Key Information:

Vendor: Wordpress
Status: Custom Banners
Vendor: CVE Published:; 7 July 2014

What is CVE-2014-4724?

The Custom Banners plugin for WordPress, specifically version 1.2.2.2, is susceptible to a Cross-Site Scripting (XSS) vulnerability. This flaw allows remote attackers to inject arbitrary web scripts or HTML code through the 'custom_banners_registered_name' parameter when accessing the wp-admin/options.php page. As a result, this vulnerability could be exploited to execute malicious scripts in the context of an affected user's session.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/68279

vdb-entryx_refsource_BID

http://packetstormsecurity.com/files/127291/WordPress-Cus...

x_refsource_MISC

Timeline

Vulnerability published
Jul 7, 2014
Vulnerability Reserved
Jul 7, 2014

JSON

Wordpress

What is CVE-2014-4724?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.