Smartypantsplugins » Wp-funeral-press : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.
Max CVSS
4.3
EPSS Score
2.43%
Published
2013-05-10
Updated
2017-08-29
1 vulnerabilities found