WordPress Plugin Vulnerabilities

Xorbin Analog Flash Clock 1.0 - Flash-based XSS

Description

The Xorbin Analog Flash Clock WordPress plugin was affected by a Flash-based XSS security vulnerability.

Affects Plugins

Plugin icon
xorbin-analog-flash-clock
No known fix

References

CVE
CVE-2013-4692
URL
https://packetstormsecurity.com/files/#122222/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
e89136da-e985-489e-9184-d91caa08de63

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2014-08-01
Title
WP Photo Album Plus - index.php wppa-tag Parameter XSS
Published
2023-12-04
Title
Ultimate Addons for Contact Form 7 < 3.2.1 - Reflected Cross-Site Scripting
Published
2015-08-14
Title
WP REST API (WP API) <= 1.2.2 - Cross-Site Scripting (XSS)
Published
2025-02-17
Title
Active Products Tables for WooCommerce. Use constructor to create tables < 1.0.6.7 - Reflected Cross-Site Scripting
Published
2023-09-21
Title
Media Library Assistant < 3.11 - Contributor+ Stored XSS