Vendor

Commentluv

Products

CVEs

Across products

Status

Private

Products

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2013-1409		0.03	—	0.03		Mar 3, 2014	Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/admin-ajax.php.

CVE-2013-1409Mar 3, 2014
risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/admin-ajax.php.