WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. Asset CleanUp:Page Speed Booster WordPress plugin prior to version 1.3.8.5 is vulnerable to a cross-site scripting vulnerability, which stems from the fact that the wpacu_selected_sub _tab_area parameter is not escaped before it is exported back to the properties of the admin page. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
WordPress Asset CleanUp:Page Speed Booster plugin <1. | eq | 3.8.5 |