Описание
tarteaucitron-wp WordPress Plugin Vulnerable to Stored Cross-Site Scripting
The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Пакеты
Наименование
couleurcitron/tarteaucitron-wp
composer
Затронутые версииВерсия исправления
< 0.3.0
0.3.0
Связанные уязвимости
CVSS3: 5.4
nvd
9 месяцев назад
The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.