ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Music Store Plugin <= 1.0.41 - Cross Site Scripting (XSS)

Product
Music Store
Description
Because of cross site scripting vulnerability, the attacker can steal cookie-based authentication credentials and to launch other attacks.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Packet Storm Security
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.41
Fixed In 1.0.43
Disclosure date
2016-03-28
Credits
Sachin Wagh