WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress WHMCS Bridge plugin has a cross-site scripting vulnerability that allows an attacker to pass the cc_whmcs_bridge_url parameter in the ~/whmcs-bridge/bridge_cp.php file for lack of filtering of user-supplied data and output data validation filter. An attacker could use this vulnerability to inject JavaScript and execute a stored XSS attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress whmcs bridge plugin | le | 6.1 |