CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2012-3414 — MEDIUM severity vulnerability | Release Alert
CVE-2012-3414
4.3
MEDIUMCVSS v2
Published
July 19, 2013
Affected
3 projects
Assigned by
Red Hat
Severity scale
010
Description
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.
GitHubWordPress, Git-ified. This repository is just a mirror of the WordPress subversion repository. Please do not send pull requests. Submit pull requests to https://github.com/WordPress/wordpress-develop and patches to https://core.trac.wordpress.org/ instead.
RubyGemsThe Wordpress gem provides posting to a Wordpress.com blog or a self hosted wordpress by providing your username, password, login url(if you host your blog) and your blog content. With this gem, you have access to add a text entry on Wordpress blog by providing these options: title text, body text, and a tag array. You must include at least title text or body text with your post.
Posting images with posts, posting only images and pulling down your posts will be available very soon.