| Max CVSS | 4.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3439 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScr
|
06-12-2016 - 03:01 | 05-08-2015 - 10:59 | |
| CVE-2015-3440 | 4.3 |
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type
|
06-12-2016 - 03:01 | 03-08-2015 - 14:59 | |
| CVE-2015-3438 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that rea
|
06-12-2016 - 03:00 | 05-08-2015 - 01:59 |