WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions prior to WordPress Login using WordPress Users plugin 1.13.4, which stems from the plugin not cleaning and escaping some of its settings. An attacker with high privileges, such as an administrator, can use this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress login using wordpress users plugin | lt | 1.13.4 |