WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Simple:Press 6.8 and earlier versions have a cross-site scripting vulnerability that stems from the “postitem” parameter during profile saving operations when modifying profile signatures. " parameter during the profile save operation when modifying the profile signature lacks effective filtering and escaping of user-supplied data, which can be exploited by attackers to launch cross-site scripting attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress simple:press plugin | le | 6.8 |