ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Custom Body Class plugin <= 0.7.0 - Cross-Site Request Forgery (CSRF) > Stored Cross-Site Scripting (XSS) + Settings Update vulnerabilities

Product
Custom Body Class
Description
Cross-Site Request Forgery (CSRF) > Stored Cross-Site Scripting (XSS) + Settings Update vulnerabilities found in WordPress WP Custom Body Class plugin (versions <= 0.7.0).
Solution
Update the WordPress WP Custom Body Class plugin to the latest available version (at least 0.7.1).
Classification
Type Multi
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 0.7.0
Fixed In 0.7.1
Disclosure date
2019-07-15
Submitter
ThreatPress