WordPress is the WordPress (Wordpress) Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Leaky Paywall in version 4.16.5 and below, which stems from insufficient input validation and cleanup via the ~/class.php file. An attacker with administrative user access could exploit the vulnerability to inject arbitrary web scripts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress leaky paywall | le | 4.16.5 |