CVE-2013-7279

WordPress S3 Video <0.983 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in views/video-management/preview_video.php in the S3 Video plugin before 0.983 for WordPress allows remote attackers to inject arbitrary web script or HTML via the base parameter.

References (5)

[Product] http://plugins.trac.wordpress.org/changeset?old_path=%2Fs3-video&old=823847&new_path=%2Fs3-video&new=823847

[Vendor Advisory] http://secunia.com/advisories/56167

[Vendor Advisory] http://wordpress.org/plugins/s3-video/changelog

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/89866

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/64420

Scores

EPSS 0.0052

EPSS Percentile 66.6%

Details

CWE

CWE-79

Status published

Products (4)

anthony_mills/s3_video < 0.982

anthony_mills/s3_video

n/a/n/a

Published Jan 08, 2014

Tracked Since Feb 18, 2026