WordPress is a set of blogging platforms developed by the WordPress (Wordpress) Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress plugin, which stems from a cross-site scripting (XSS) vulnerability in the settings page of the SMS Alert Order Notifications plugin in version 3.4.7 and prior versions. An attacker could exploit this vulnerability to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress sms alert | le | 3.4.7 |