PT-2019-7664 · WordPress · All-In-One-Wp-Security-And-Firewall

Publicado

2019-08-13

·

Atualizado

2019-08-16

·

CVE-2016-10868

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions all-in-one-wp-security-and-firewall plugin versions prior to 4.0.5
Description The issue concerns the all-in-one-wp-security-and-firewall plugin for WordPress, which has a cross-site scripting (XSS) problem. This problem is found in the blacklist, file system, and file change detection settings pages.
Recommendations For versions prior to 4.0.5, update to version 4.0.5 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2016-10868

Produtos afetados

All-In-One-Wp-Security-And-Firewall