Software
GamiPress – Youtube integration
Type
Plugin
Vulnerable versions
<= 1.0.7
Fixed in
1.0.8
OWASP Top 10
A7: Cross-Site Scripting (XSS)
Classification
Cross Site Scripting (XSS)
CVE
N/A
Patch priority
Medium
CVSS severity
Medium (6.5)
Developer
Claim ownership
PSID
1fad36729cfa
Credits
Unknown
Required privilege
Contributor
Published
21 March, 2023
Plugin Changelog Vulnerability details
Expand full details Have additional information or questions about this entry? Let us know.
We advise to mitigate or resolve the vulnerability immediately.
Vendor | Product | Version | CPE |
---|---|---|---|
- | gamipress_–_youtube_integration | * | cpe:2.3:a:-:gamipress_–_youtube_integration:*:*:*:*:*:*:*:* |
plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2846070%40gamipress-youtube-integration%2Ftrunk&old=2805259%40gamipress-youtube-integration%2Ftrunk&sfp_email=&sfph_mail=
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/gamipress-youtube-integration/gamipress-youtube-integration-107-authenticated-contributor-stored-cross-site-scripting-via-shortcode