Description
Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by John Leitch · textwebappsphp
https://www.exploit-db.com/exploits/35066
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_osvdb
http://www.osvdb.org/69764
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45266
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/63761
Exploit third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42545
Scores
EPSS
0.0071
EPSS Percentile
72.4%
Details
CWE
CWE-79
Status
published
Products (1)
ahmattox/processing_embed_plugin
0.5
Published
Mar 01, 2011
Tracked Since
Feb 18, 2026