CVE-2013-1464

Publication date

2013-02-07 02:00:00

Family

mitre

State

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in assets/player.swf in the Audio Player plugin before 2.0.4.6 for Wordpress allows remote attackers to inject arbitrary web script or HTML via the playerID parameter.