WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Favicon by RealFaviconGenerator plugin versions prior to 1.3.23 contain a cross-site scripting vulnerability that stems from Favicon by plugin fails to properly clean and escape the json_result_url parameter before exporting it back to the Favicon admin dashboard, which can be exploited by an attacker to cause a reflection cross-site scripting issue.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress favicon by realfavicongenerator plugin | lt | 1.3.23 |