ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Embed Articles Plugin <= 7.0.3 - Multiple Vulnerabilities

Product
Embed Articles
Description
This plugin is prone to a cross site scripting and cross site request forgery vulnerabilities. Attackers can insert arbitrary script into admin page, hijack admin's cookies etc.
Solution
This plugin is closed.
Classification
Type Multi
References
Packet Storm Security
CVE
Name CVE-N/A
Versions
Affected In <= 7.0.3
Fixed In 7.0.4
Disclosure date
2015-05-07
Credits
Kaustubh G. Padwad
Submitter
ThreatPress