Security report for CVE WP Photo Album Plus > CVE-2013-3254
- CVE
- Application
- Date
- Jun 07, 2024, 07:06:15
- Research Description
- Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the commentid parameter in a wppa_manage_comments edit action.
- Status
-
vulnerableMedium
- Actual on
- Oct 06, 2024, 07:10:45