MidnightBSD

Advisories for snapapp_project

CVE-2014-4596 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in js/button-snapapp.php in the SnapApp plugin 1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) msg or (2) act parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
snapapp_project snapapp *