ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Indexito Plugin <= 1.0.5 - Cross Site Scripting (XSS)

Product
Indexito
Description
Because of this vulnerability, the variable indexisto_index appears to send unsanitized data back to the users browser.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Vapid
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.5
Fixed In 1.0.6
Disclosure date
2016-04-12
Credits
Larry W. Cashdollar
Submitter
ThreatPress