Back
WordPress Piwik Plugin <= 1.0.9 - Persistent Cross Site Scripting
- Product
- Piwik
- Description
- Because of this vulnerability, anyone can change the plugin’s settings and through those settings add malicious JavaScript code to the website’s page.
- Solution
- Update the plugin.
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- References
-
Plugin Vulnerabilities
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 1.0.9
Fixed In 1.0.10
- Disclosure date
- 2016-09-02
- Credits
- Claude Godlewski