WordPress Plugin Vulnerabilities

RokBox <= 2.13 - jwplayer/jwplayer.swf abouttext Parameter XSS

Description

The wp_rokbox WordPress plugin was affected by a jwplayer/jwplayer.swf abouttext Parameter XSS security vulnerability.

Affects Plugins

Plugin icon
wp_rokbox
No known fix

References

URL
https://packetstormsecurity.com/files/#118884/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/80731
URL
https://seclists.org/fulldisclosure/2012/Dec/159

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
449046c4-02f2-48fa-8772-89d643692012

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2011-09-27
Title
Zenlite < 4.4 - XSS
Published
2023-12-22
Title
WP Crowdfunding < 2.1.10 - Admin+ Stored XSS
Published
2021-08-16
Title
Email Artillery <= 4.1 - Multiple Authenticated SQL Injections
Published
2015-05-12
Title
Artificial Intelligence Theme <= 1.2.3 - DOM Cross-Site Scripting (XSS)
Published
2023-11-29
Title
Event post < 5.9.1 - Contributor+ Stored XSS