WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Themify plugin prior to 1.3.8. The vulnerability stems from the fact that page parameters are not cleaned and escaped before being exported back to the properties of the administrative page, and an attacker could exploit this vulnerability to cause reflected cross-site scripting.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress themify plugin | lt | 1.3.8 |