5 matches found
PT-2026-1963
Name of the Vulnerable Software and Affected Versions AMP for WP plugin for WordPress versions prior to 1.1.11 Description The AMP for WP plugin for WordPress is susceptible to Stored Cross-Site Scripting through SVG file uploads. Insufficient sanitization of SVG file content allows for the...
EUVD-2021-10263
Malware in sbrugna...
CVE-2018-20838
ampforwpsavestepsdata in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS...
CVE-2018-20838
Summary: CVE-2018-20838 concerns the WordPress AMP for WP plugin. The vulnerability, described as a stored XSS in the function ampforwp_save_steps_data, affects versions before 0.9.97.21. The underlying issue is lack of proper validation of client-side data in the plugin, enabling an attacker to ...
WordPress AMP for WP Plugin Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in ampforwpsavestepsdata in WordPress AMP for WP plugin versions...