Cross-Site Scripting Vulnerability in Google Doc Embedder for WordPress
CVE-2015-1879

Currently unrated

Key Information:

Vendor

Wordpress
Status
Google Doc Embedder
Vendor
CVE Published:
19 February 2015

What is CVE-2015-1879?

A vulnerability exists in the Google Doc Embedder plugin for WordPress, allowing remote attackers to inject arbitrary web scripts or HTML. This occurs via the profile parameter during an edit action on the gde-settings page accessible through wp-admin/options-general.php. Users are advised to update to version 2.5.19 or later to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/72547
vdb-entryx_refsource_BID
http://packetstormsecurity.com/files/130309/WordPress-Goo...
x_refsource_MISC
https://wordpress.org/plugins/google-document-embedder/ch...
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.