top of page

Posts

[WordPress WPComplete Plugin](versions 2.9.2 and older) vulnerability Cross-Site Scripting (XSS)

Updated: Feb 14


[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability


Importance (CVSS3.0)

★★★★★★★☆☆☆ 7.1/ 10  - High


Details

A cross-site scripting (XSS) vulnerability was discovered in WordPress WPComplete Plugin.


Because of this, malicious attackers can inject fraudulent scripts such as redirect, ads, and other HTML payloads into a website that may be executed when guests visit the website.


Solutions

Update the WordPress WPComplete Plugin to the newest version(2.9.5 and newer).


Source

CVE-2022-45825

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.


“[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability”, by WS Security is licensed under CC BY 4.0.


0 views
bottom of page