WordPress Plugin Vulnerabilities

ZooEffect 1.08 - HTTP Referer Reflected XSS

Description

The ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 WordPress plugin was affected by a HTTP Referer Reflected XSS security vulnerability.

Affects Plugins

Plugin icon
1-jquery-photo-gallery-slideshow-flash
Fixed in 1.09

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
5abdae02-215f-4df8-a0e8-c1c1b2eafa4b

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2015-05-15 (about 8 years ago)

Other

Published
Title
Published
2023-01-13
Title
MagicForm <= 0.1 - Reflected Cross-Site Scripting
Published
2023-10-16
Title
Timely Booking Button <= 2.0.2 - Admin+ Stored XSS
Published
2023-07-26
Title
Molongui < 4.6.20 - Reflected XSS
Published
2021-08-02
Title
StoryChief < 1.0.31 - Reflected Cross-Site Scripting (XSS)
Published
2019-09-07
Title
Ellipsis Human Presence Technology <= 2.0.8 - Unauthenticated Reflected Cross Site Scripting (XSS)