WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Imagemap Selector plugin, which stems from the plugin’s failure to clean up and escape parameters before exporting them back to the properties of the administrative page, which could be exploited by an attacker to cause a reflected cross-site scripting attack. can exploit this vulnerability to cause a reflected cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
WordPress Imagemap Selector plugin | lt | 0.3.3 |