WordPress JSmol2WP plugin <= 1.07 - Unauthenticated Cross-Site Scripting (XSS) vulnerability
- Unauthenticated Cross-Site Scripting (XSS) vulnerability in WordPress JSmol2WP plugin (versions <= 1.07).
- 08.01.2019 - we were unable to find a patched version of this plugin. According to WordPess.org plugin repository, this plugin was closed on January 7, 2019 and is no longer available for download.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-2018-20462
- Disclosure date