WordPress Plugin Vulnerabilities

Banner Effect Header <= 1.2.7 - Cross-Site Scripting (XSS)

Description

The Banner Effect Header WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
banner-effect-header
Fixed in 1.2.8

References

CVE
CVE-2015-1384
URL
https://www.netsparker.com/cve-2015-1384-xss-vulnerability-in-banner-effect-header/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
d8ac3afd-0be5-432d-bd88-2973954f843f

Timeline

Publicly Published
2015-01-30 (about 11 years ago)
Added
2015-01-30 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-08-27
Title
Chatbox Manager < 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2011-09-27
Title
Redline < 1.66 - XSS
Published
2024-06-10
Title
Ocean Extra < 2.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flickr Widget
Published
2021-09-28
Title
Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting
Published
2025-04-09
Title
Interactive Geo Maps < 1.6.25 - Reflected Cross-Site Scripting