Mightymess : Security Vulnerabilities, CVEs,

CVE-2015-9420

The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter.
Max CVSS
6.1
EPSS Score
0.17%
Published
2019-09-26
Updated
2019-10-02

CVE-2012-6624

Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold plugin 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter in a soundcloud_is_gold_player_preview action to wp-admin/admin-ajax.php.
Max CVSS
4.3
EPSS Score
0.23%
Published
2014-01-16
Updated
2019-09-30
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close