WordPress is a blogging platform developed using the PHP language. WordPress plugin WP YouTube Live 1.7.21 and previous versions are vulnerable to a cross-site scripting vulnerability, which stems from the plugin being vulnerable to a reflected cross-site scripting attack via POST data in the ~/inc/admin.php file, where an unauthenticated An unauthenticated attacker can use this vulnerability to inject arbitrary web scripts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wp youtube lives plugin | le | 1.7.21 |