CVE-2008-0691

Name of the Vulnerable Software and Affected Versions WP-Footnotes plugin version 2.2

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the admin panel.php file of the WP-Footnotes plugin. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters. The vulnerable parameters are wp footnotes current settings[priority], wp footnotes current settings[style rules], wp footnotes current settings[pre footnotes], and wp footnotes current settings[post footnotes].

Recommendations For WP-Footnotes plugin version 2.2, consider disabling the admin panel.php file or restricting access to it until a patch is available. Avoid using the vulnerable parameters in the affected admin panel until the issue is resolved. As a temporary workaround, restrict the input for the wp footnotes current settings parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.