Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-3526. PoCs published by Beni_Vanda. A Nuclei detection template is also available.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in the Traffic Analyzer plugin for WordPress due to improper input sanitization. An attacker can inject arbitrary script code via the 'aoid' parameter in the 'ta_loaded.js.php' file.
Description
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the aoid parameter.
Exploits (1)
The exploit describes a cross-site scripting (XSS) vulnerability in the Traffic Analyzer plugin for WordPress due to improper input sanitization. An attacker can inject arbitrary script code via the 'aoid' parameter in the 'ta_loaded.js.php' file.