Back
WordPress SEO Rank Reporter Plugin <= 2.2.2 - Cross Site Scripting (XSS)
- Product
- SEO Rank Reporter
- Description
- Because of this vulnerability, authenticated administrators can inject html or JS code. Vulnerable parameters are "keyword_item" and "entry_url".
- Solution
- Update the plugin.
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- References
-
Cinu
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 2.2.2
Fixed In 2.2.3
- Disclosure date
- 2015-11-24
- Credits
- Marcin Probola
- Submitter
- ThreatPress