Efence Project » Efence : Security Vulnerabilities, CVEs, CVSS score >= 1
Multiple cross-site scripting (XSS) vulnerabilities in callback.php in the efence plugin 1.3.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) zoneid, (3) pubKey, or (4) privKey parameter.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-07-02
Updated
2014-07-11
1 vulnerabilities found