Multiple Cross-Site Scripting Vulnerabilities in Apptha Video Gallery Plugin
CVE-2014-9098

Currently unrated

Key Information:

Vendor: Wordpress
Status: Contus Video Gallery
Vendor: CVE Published:; 26 November 2014

What is CVE-2014-9098?

The Apptha WordPress Video Gallery plugin version 2.5 contains multiple cross-site scripting vulnerabilities that can be exploited by remote authenticated users. These vulnerabilities allow attackers to inject arbitrary web scripts or HTML via the videoadssearchQuery parameter, affecting three key PHP files: videoads/videoads.php, video/video.php, and playlist/playlist.php. Successful exploitation can lead to unauthorized actions on behalf of users and compromise the security of the affected WordPress site.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/127611/WordPress-Vid...

x_refsource_MISC

http://www.securityfocus.com/bid/68883

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 26, 2014

JSON

Wordpress

What is CVE-2014-9098?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.