CVE-2014-9311
EUVD-2014-913614.04.2015, 14:59
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| shareaholic | shareaholic | 𝑥 ≤ 7.6.0.9 |
𝑥
= Vulnerable software versions
References