CVE-2014-7956

Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action in the pods page to wp-admin/admin.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:podsfoundation:pods:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2015-01-15 15:59

Updated : 2024-02-04 18:35


NVD link : CVE-2014-7956

Mitre link : CVE-2014-7956

CVE.ORG link : CVE-2014-7956


JSON object : View

Products Affected

podsfoundation

  • pods
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')