Pay Per Media Player Project » Pay Per Media Player : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in payper/payper.php in the Pay Per Media Player plugin 1.24 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) fcolor, (2) links, (3) stitle, (4) height, (5) width, (6) host, (7) bcolor, (8) msg, (9) id, or (10) size parameter.
Max CVSS
4.3
EPSS Score
0.23%
Published
2014-07-02
Updated
2015-08-28
1 vulnerabilities found