WordPress Keyword Link Plugin <= 1.7 - CrossSite Scripting (XSS)
- Product
- Keyword Link
- Description
- Because of this vulnerability, authenticated administrators can store HTML or JS code via "limit" parameter.
- Solution
- Update the plugin.
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS) - References
-
Cinu
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 1.7
Fixed In 1.8 - Disclosure date
- 2015-11-24
- Credits
- Marcin Probola
- Submitter
- ThreatPress