ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Wordfence Security Plugin - Multiple Vulnerabilities

Product
Wordfence
Description
WordPress Wordfence Security plugin is prone to multiple HTML injection and security bypass vulnerabilities. These issues allow HTML and script code run in the context of the affected browser. In this way an attacker can steal cookie-based authentication credentials or control how the site is rendered to the user.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2014-09-14
Credits
Voxel@Night