ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Visitor Maps & Who's Online Plugin <= 1.5.8.6 - XSS

Product
Visitor Maps & Who's Online
Description
Because of this vulnerability, authenticated administrators can store HTML or JS code.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Cinu
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.8.6
Fixed In 1.5.8.7
Disclosure date
2015-08-20
Submitter
ThreatPress