WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions prior to WordPress plugin Translation Exchange 1.0.14, which stems from a lack of filtering and escaping in the “Project Keywords” text box in the plugin’s settings. Escape, no details of the vulnerability are available.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress translation exchange | lt | 1.0.14 |