Cross Site Scripting vulnerability | WordPress.org

Resolved densewinter
(@densewinter)

1 month ago

This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site:

https://patchstack.com/database/wordpress/plugin/shortcoder/vulnerability/wordpress-shortcoder-plugin-6-5-1-cross-site-scripting-xss-vulnerability

Viewing 2 replies - 1 through 2 (of 2 total)

Thread Starter densewinter
(@densewinter)

1 month ago

Ah, I see will be fixed: https://wordpress.org/support/topic/cross-site-scripting-xss-16/

Plugin Author vaakash
(@vaakash)

3 weeks, 6 days ago

Hi ,

The security issue reported is relatively minor.

It is fixed in the latest version of the plugin v6.5.2

Please update the the plugin to this latest version.

Thanks,

Aakash

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

Tags

xss

2 replies
2 participants
Last reply from: vaakash
Last activity: 3 weeks, 6 days ago
Status: resolved