Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by JrXnm in WordPress WP Extra File Types plugin (versions <= 0.5).
Update the WordPress WP Extra File Types plugin to the latest available version (at least 0.5.1).
CPE | Name | Operator | Version |
---|---|---|---|
wp extra file types | le | 0.5 |