Descrição
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content.
Software
Não informado
Tipo Software
Core
CVE
CVE-2012-2401
Tags
Nâo informado
Data de publicação
21/04/2012
Última atualização
12/04/2025
Pontuação em CVSS 3.0
---
Não medido