WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. WordPress Visual CSS Style Editor plugin in versions prior to 7.5.4 has a cross-site scripting vulnerability that stems from not cleaning up and escaping the wyp_page_type parameter. An attacker could use this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress visual css style editor plugin | lt | 7.5.4 |