CVE-2015-9459

Name of the Vulnerable Software and Affected Versions searchterms-tagging-2 plugin versions 1.535 and earlier

Description The issue is related to a Cross-Site Scripting (XSS) vulnerability. It occurs via the count parameter in the wp-admin/options-general.php API endpoint. This allows for potential malicious script injection.

Recommendations For searchterms-tagging-2 plugin versions 1.535 and earlier, consider disabling access to the wp-admin/options-general.php endpoint until a fix is available. Avoid using the count parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.