Wordpress parsi-font plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. parsi-font is one of the font plug-ins. A cross-site scripting vulnerability exists in the Wordpress parsi-font...

CVE-2016-1000142

Reflected XSS in wordpress plugin parsi-font v4.2.5...

CVE-2016-1000142

Reflected XSS in wordpress plugin parsi-font v4.2.5...

Cross site scripting

Reflected XSS in wordpress plugin parsi-font v4.2.5...

CVE-2016-1000142

The CVE-2016-1000142 entry corresponds to a reflected cross-site scripting flaw in WordPress MW Font Changer plugin (parsi-font) versions up to 4.2.5. The vulnerability arises in the plugin’s reflected XSS via the vulnerable parameter handling, specifically in the CSS.php path, enabling injection...

CVE-2016-1000142

Reflected XSS in wordpress plugin parsi-font v4.2.5...

WordPress Parsi Font Plugin <= 4.2.5 - Cross Site Scripting (XSS)

This plugin is prone to a reflected cross site scripting vulnerability. Vulnerable file is /parsi-font/css.php. Solution Update the plugin...