ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Incoming Links Plugin <= 0.9.9b - Cross Site Scripting

Product
Incoming Links
Description
This plugin is prone to a cross site scripting vulnerability via referrers.php.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
WordPress
CVE
Name CVE-N/A
Versions
Affected In <= 0.9.9b
Fixed In 0.9.910b
Disclosure date
2015-02-01
Submitter
ThreatPress