Back
WordPress Social LikeBox & Feed plugin <= 2.8.4 - Cross-Site Scripting (XSS) vulnerability
- Product
- Social LikeBox & Feed
- Description
- Cross-Site Scripting (XSS) vulnerability found in WordPress Social LikeBox & Feed plugin (versions <= 2.8.4).
- Solution
- Update the WordPress Social LikeBox & Feed plugin to the latest available version (at least 2.8.5).
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- References
-
Plugin changelog
- CVE
- Name CVE-2019-15781
- Versions
-
Affected In
<= 2.8.4
Fixed In 2.8.5
- Disclosure date
- 2019-08-29
- Submitter
- ThreatPress