CVE-2014-5344

Mobiloud < 2.3.7 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plugin before 2.3.8 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.

References (2)

[Third Party Advisory] http://secunia.com/advisories/60530

[Patch] http://wordpress.org/plugins/mobiloud-mobile-app-plugin/changelog

Scores

EPSS 0.0017

EPSS Percentile 38.7%

Details

CWE

CWE-79

Status published

Products (46)

mobiloud/mobiloud < 2.3.7

mobiloud/mobiloud

... and 36 more

Published Aug 19, 2014

Tracked Since Feb 18, 2026