- Feb 2, 2023
- 1 min read

[WordPress WPComplete Plugin](versions 2.9.2 and older) vulnerability Cross-Site Scripting (XSS)

Updated: Feb 14, 2023

[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability

Importance (CVSS3.0)

★★★★★★★☆☆☆ 7.1/ 10　 - High

Details

A cross-site scripting (XSS) vulnerability was discovered in WordPress WPComplete Plugin.

Because of this, malicious attackers can inject fraudulent scripts such as redirect, ads, and other HTML payloads into a website that may be executed when guests visit the website.

Solutions

Update the WordPress WPComplete Plugin to the newest version(2.9.5 and newer).

Source

CVE-2022-45825

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability”, by WS Security is licensed under CC BY 4.0.

Enterprise
Server Infrastructure
Management

Posts

[WordPress WPComplete Plugin](versions 2.9.2 and older) vulnerability Cross-Site Scripting (XSS)

Recent Posts

Beyond GTA Inc.

Services

Policies

Beyond GTA Inc.
7030 Woodbine Ave., Markham, ON, L3R 6G2, Canada

Copyright 2021 Beyond GTA Inc.