CVE-2015-5535

Currently unrated

Key Information:

Vendor: Wordpress
Status: Qtranslate
Vendor: CVE Published:; 13 August 2015

Summary

Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php.

References

https://wpvulndb.com/vulnerabilities/8120

x_refsource_MISC

https://www.htbridge.com/advisory/HTB23265

x_refsource_MISC

http://packetstormsecurity.com/files/132916/WordPress-qTr...

x_refsource_MISC

Timeline

Vulnerability published
Aug 13, 2015
Vulnerability Reserved
Jul 16, 2015