WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The Steam Group Viewer plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Steam Group Viewer plugin version 2.1 and earlier, which results from the plugin failing to clean or escape its “Steam Group Address” setting before outputting it on a page. The vulnerability is caused by the plugin’s failure to clean or escape its “Steam Group Address” setting before output on a page. An attacker could exploit this vulnerability to cause a cross-site scripting issue to be stored.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wordpress steam group viewer | le | 2.1 |