WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The Fathom Analytics plugin is a WordPress open source application plugin. A cross-site scripting vulnerability exists in the WordPress Fathom Analytics plugin, which originates in the ~/fathom-analytics.php file The vulnerability is caused by insufficient validation of the $site_id parameter input in the ~/fathom-analytics.php file, which can be exploited by an attacker with administrative user access to inject arbitrary web scripts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress fathom analytics | le | 3.0.4 |