CVE-2014-3870

Bib2html - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the bib2html plugin 0.9.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the styleShortName parameter in an adminStyleAdd action to OSBiB/create/index.php.

References (2)

[Exploit] http://packetstormsecurity.com/files/126782/wpbib2html-xss.txt

[Exploit] http://www.securityfocus.com/bid/67589

Scores

EPSS 0.0017

EPSS Percentile 38.7%

Details

CWE

CWE-79

Status published

Products (2)

bib2html_project/bib2html

n/a/n/a

Published May 27, 2014

Tracked Since Feb 18, 2026