ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Accessibility plugin <= 1.6.10 - Minor Authenticated Stored Cross-Site Scripting (XSS) in custom CSS

Product
WP Accessibility
Description
Minor Authenticated Stored Cross-Site Scripting (XSS) in custom CSS found in WordPress WP Accessibility plugin (versions <= 1.6.10).
Solution
Update the WordPress WP Accessibility plugin to the latest available version (at least 1.7.0).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.6.10
Fixed In 1.7.0
Disclosure date
2020-01-21
Submitter
ThreatPress