CVE-2014-5190

Currently unrated

Key Information:

Vendor: Wordpress
Status: Si Captcha Anti-spam
Vendor: CVE Published:; 7 August 2014

Summary

Cross-site scripting (XSS) vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

References

http://www.securityfocus.com/bid/69011

vdb-entryx_refsource_BID

http://packetstormsecurity.com/files/127723/WordPress-SI-...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/95104

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 7, 2014
Vulnerability Reserved
Aug 7, 2014