WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.A cross-site scripting vulnerability exists in versions of the WordPress WP Accessibility Helper plugin prior to 0.6.0.7. The vulnerability stems from the plugin’s failure to clean up and escape wahi parameters before decoding the base64 values in the output page. An attacker could exploit this vulnerability to cause a reflection cross-site scripting issue.
CPE | Name | Operator | Version |
---|---|---|---|
WordPress WP Accessibility Helper plugin <0. | eq | 6.0.7 |