WordPress Plugin Vulnerabilities

podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS

Description

The podpress WordPress plugin was affected by a players/1pixelout/1pixelout_player.swf playerID Parameter XSS security vulnerability.

Affects Plugins

Plugin icon
podpress
Fixed in 8.8.10.17

References

CVE
CVE-2013-2714
URL
https://packetstormsecurity.com/files/#121011/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
ae488bb8-6308-4173-8eb7-b503f1e16810

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-07-01
Title
Backwp <= 2.0.2 - Reflected Cross-Site Scripting
Published
2024-12-05
Title
RRAddons for Elementor <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-04-17
Title
Payment Form for PayPal Pro < 1.1.73 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2017-04-11
Title
Login with AJAX Plugin <= 3.1.6 - Cross-Site Scripting (XSS)
Published
2024-09-25
Title
Super Testimonials <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via alignment Parameter