CVE-2015-5151

NONE EPSS 74.2%
Published Jun 30, 201511y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jun 30, 2015 11y ago
Last Modified Jun 17, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.

Threat Intelligence

EPSS Exploit Probability
74.2% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
themepunchslider_revolution4.2.2any

References 2

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.