Cross-Site Scripting Vulnerability in Random Banner Plugin for WordPress
CVE-2014-4847

Currently unrated

Key Information:

Vendor: Wordpress
Status: Random Banner
Vendor: CVE Published:; 10 July 2014

What is CVE-2014-4847?

A vulnerability exists in the Random Banner plugin version 1.1.2.1 for WordPress that permits remote attackers to execute arbitrary web scripts or HTML. This security flaw can be exploited via the 'buffercode_RBanner_url_banner1' parameter during an update action in the WordPress admin dashboard, specifically in options.php. Successful exploitation can lead to unauthorized actions on behalf of users, data theft, or site manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/127292/WordPress-Ran...

x_refsource_MISC

http://www.securityfocus.com/bid/68280

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 10, 2014
Vulnerability Reserved
Jul 10, 2014

JSON

Wordpress

What is CVE-2014-4847?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.