ThreatPress

WordPress Vulnerabilities Database

Back

WordPress GigPress Plugin 2.1.10 - Stored XSS

Product
GigPress
Description
This vulnerability allows an attacker to inject malicious HMTL code and attack any user that views the page where the malicious show is posted.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In 2.1.10, 3.0.5
Fixed In 2.1.11
Disclosure date
2011-02-24
Credits
Saif El-Sherei