ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Emag Marketplace Connector plugin 1.0 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Product
Emag Marketplace Connector
Description
Unauthenticated Cross-Site Scripting (XSS) vulnerability found by Ricardo Sanchez in WordPress Emag Marketplace Connector plugin (version 1.0).
Solution
Update the WordPress Emag Marketplace Connector plugin to the latest available version (at least 1.0.1).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-2017-17043
Versions
Affected In 1.0
Fixed In 1.0.1
Disclosure date
2017-12-02
Credits
Ricardo Sanchez
Submitter
ThreatPress