WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Google Places Reviews plugin prior to 2.0.0, which stems from the plugin not properly escaping its Google API key setting. An attacker could use this vulnerability to trick super administrators into viewing the booby-trapped payload and take over their accounts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress google places reviews plugin | lt | 2.0.0 |