WordPress Ooorl Plugin - Cross Site Scripting

2014-06-2300:00:00

Prajal Kulkarni

patchstack.com

EPSS

0.001

Percentile

49.8%

Because of this vulnerability in redirect.php, the attackers can inject arbitrary web script or HTML via the “url” parameter.

Solution

           Update the plugin.

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4542

EPSS

0.001

Percentile

49.8%

Related for PATCHSTACK:D5197E4B1CE007C4BEFF2FF0A0100354