Full Disclosure

Stored XSS in Plotly allows less privileged users to insert arbitrary JavaScript into posts (WordPress plugin)

July 13, 2015 007admin Leave a comment

Posted by dxw Security on Jul 13

Details
================
Software: Plotly
Version: 1.0.2
Homepage: http://wordpress.org/plugins/wp-plotly/
Advisory report:
https://security.dxw.com/advisories/stored-xss-in-plotly-allows-less-privileged-users-to-insert-arbitrary-javascript-into-posts/
CVE: CVE-2015-5484
CVSS: 6.5 (Medium; AV:N/AC:L/Au:S/C:P/I:P/A:P)

Description
================
Stored XSS in Plotly allows less privileged users to insert arbitrary JavaScript into posts…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information