WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of the WordPress Beautiful Cookie Consent Banner plugin prior to 2.9.1. The vulnerability stems from failure to clean and escape certain settings, including the disabled unfiltered_html feature, and can be exploited by a highly privileged attacker such as an administrator to launch a stored cross-site scripting attack. attacker can use the vulnerability to launch a stored cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress beautiful cookie consent banner plugin | lt | 2.9.1 |