WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Athletics plugin version 1.1.7 and prior versions are vulnerable to a cross-site scripting vulnerability that results from the plugin’s failure to clean up and escape gender parameters before exporting back to the admin page. parameter before outputting back to the admin page. An attacker could use this vulnerability to launch a reflected cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wp athletics plugin | le | 1.1.7 |