ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)

Product
WordPress
Description
Cross-Site Scripting (XSS) vulnerability found by Anas Roubi (qasuar) in WordPress (link modal) version 4.8.1 and earlier versions.
Solution
Update the WordPress to the latest available version (at least 4.8.2).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
WordPress 4.8.2 Security release page
CVE
Name CVE-N/A
Versions
Affected In <=4.8.1
Fixed In 4.8.2
Disclosure date
2017-09-19
Credits
Anas Roubi (qasuar)
Submitter
ThreatPress