WordPress WP Paginate plugin <= 2.1.8 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
PSID
cc69ea94263d
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A7: Cross-Site Scripting (XSS)
Required privilege
Requires high role user authentication like admin.
Publicly disclosed
2022-06-16
Patchstack vPatch available since
09.12.2021
Details
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress WP Paginate plugin (versions <= 2.1.8).
Solution
Update the WordPress WP Paginate plugin to the latest available version (at least 2.1.9).
References
Vulnerability details