ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Footnotes Plugin <= 2.2 - Multiple XSS vulnerabilities

Product
Footnotes
Description
Because of these vulnerabilities in admin_panel.php, the attackers can inject arbitrary web script or HTML.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
CVE Mitre
CVE
Name CVE-2008-0691
Versions
Affected In <= 2.2
Fixed In 2.3
Disclosure date
2008-02-11
Credits
NBBN