ThreatPress

WordPress Vulnerabilities Database

Back

WordPress User Registration plugin <= 1.5.5 - Authenticated Cross-Site Scripting (XSS) vulnerability

Product
User Registration
Description
Authenticated Cross-Site Scripting (XSS) vulnerability found by "Mr Winst0n" in WordPress User Registration plugin (versions <= 1.5.5).
Solution
Update the WordPress User Registration plugin to the latest available version (at least 1.5.6).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.5
Fixed In 1.5.6
Disclosure date
2019-01-14
Credits
Mr Winst0n
Submitter
ThreatPress