WordPress Footnotes Plugin <= 2.2 - Multiple XSS vulnerabilities
Vulnerable versions
<= 2.2
PSID
8462d103897b
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A3: Cross Site Scripting (XSS)
Required privilege
Publicly disclosed
2008-02-11
Patchstack vPatch available since
09.12.2021
Details
Because of these vulnerabilities in admin_panel.php, the attackers can inject arbitrary web script or HTML.
Solution
Update the plugin.
References
CVE Mitre