ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Tidio Gallery Plugin <= 1.1 - Cross Site Scripting (XSS)

Product
Tidio Gallery
Description
This vulnerability is in the php code /tidio-gallery/popup-insert-help.php.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Vapid
CVE
Name CVE-2016-1000153
Versions
Affected In <= 1.1
Fixed In 1.2
Disclosure date
2016-04-12
Submitter
ThreatPress