Vulnerabilities > MNT Tech > WP Facethumb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-07-01 | CVE-2014-4585 | Cross-Site Scripting vulnerability in Mnt-Tech Wp-Facethumb Cross-site scripting (XSS) vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajax_url parameter to index.php. | 4.3 |
| 2012-08-13 | CVE-2012-2371 | Cross-Site Scripting vulnerability in Mnt-Tech Wp-Facethumb 0.1 Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter. | 4.3 |