Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2333

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2014-2333
Last Modified 10 Jan 2015 09:59:08
Published 11 Apr 2014 10:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2014-2333

Summary

Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Marcel Brinkkemper Lazyest-gallery 1.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.1.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.10

  • Marcel Brinkkemper Lazyest-gallery 1.1.10.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.11

  • Marcel Brinkkemper Lazyest-gallery 1.1.12

  • Marcel Brinkkemper Lazyest-gallery 1.1.13

  • Marcel Brinkkemper Lazyest-gallery 1.1.14

  • Marcel Brinkkemper Lazyest-gallery 1.1.15

  • Marcel Brinkkemper Lazyest-gallery 1.1.16

  • Marcel Brinkkemper Lazyest-gallery 1.1.17.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.17.2

  • Marcel Brinkkemper Lazyest-gallery 1.1.17.4

  • Marcel Brinkkemper Lazyest-gallery 1.1.18

  • Marcel Brinkkemper Lazyest-gallery 1.1.19

  • Marcel Brinkkemper Lazyest-gallery 1.1.19.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.2.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.20

  • Marcel Brinkkemper Lazyest-gallery 1.1.3

  • Marcel Brinkkemper Lazyest-gallery 1.1.3.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.3.2

  • Marcel Brinkkemper Lazyest-gallery 1.1.3.3

  • Marcel Brinkkemper Lazyest-gallery 1.1.4

  • Marcel Brinkkemper Lazyest-gallery 1.1.5

  • Marcel Brinkkemper Lazyest-gallery 1.1.6

  • Marcel Brinkkemper Lazyest-gallery 1.1.7

  • Marcel Brinkkemper Lazyest-gallery 1.1.7.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.8

  • Marcel Brinkkemper Lazyest-gallery 1.1.8.1

  • Marcel Brinkkemper Lazyest-gallery 1.1.9

  • Marcel Brinkkemper Lazyest-gallery 1.1.9.1


References

BID - 66756

CONFIRM - http://wordpress.org/plugins/lazyest-gallery/changelog

SECUNIA - 57746

XF - lazyest-wordpress-xss(92598)


Last Updated: 27 May 2016 11:04:54