ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Retina 2x plugin <=5.2.0 - Cross-Site Scripting (XSS) vulnerability

Product
WP Retina 2x
Description
Cross-Site Scripting (XSS) vulnerability found in WordPress WP Retina 2x plugin (versions <=5.2.0). The vulnerability allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
Solution
Update the WordPress WP Retina 2x plugin to the latest available version (at least 5.2.2).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-2018-0511
Versions
Affected In <=5.2.0
Fixed In 5.2.2
Disclosure date
2018-03-13
Submitter
ThreatPress