Unrated severityNVD Advisory· Published Sep 11, 2015· Updated Jun 17, 2026
CVE-2015-6920
CVE-2015-6920
Description
Cross-site scripting (XSS) vulnerability in js/window.php in the sourceAFRICA plugin 0.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
Affected products
2- cpe:2.3:a:sourceafrica_project:sourceafrica:0.1.3:*:*:*:*:wordpress:*:*
- Range: 0.1.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.