WordPress Safe Editor Plugin <= 1.1 - Multiple Vulnerabilities
- Safe Editor
- This plugin is prone to an unauthenticated CSS and JS injection. The attackers can inject whatever they want when "wp_footer" and "wp_head" is called, because "se_save" function is not sanitized.
- Update the plugin.
OWASP Top 10 A2: Broken Authentication and Session Management
- Name CVE-N/A
Fixed In 1.2
- Disclosure date