[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability
Importance (CVSS3.0)
★★★★★★★☆☆☆ 7.1/ 10 - High
Details
A cross-site scripting (XSS) vulnerability was discovered in WordPress WPComplete Plugin.
Because of this, malicious attackers can inject fraudulent scripts such as redirect, ads, and other HTML payloads into a website that may be executed when guests visit the website.
Solutions
Update the WordPress WPComplete Plugin to the newest version(2.9.5 and newer).
Source
We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.
“[WordPress WPComplete Plugin](versions 2.9.2 and older) Cross-Site Scripting (XSS) vulnerability”, by WS Security is licensed under CC BY 4.0.
Comments