CVE-2015-9430

Name of the Vulnerable Software and Affected Versions crazy-bone plugin versions prior to 0.6.0 for WordPress

Description The issue is related to a Cross-Site Scripting (XSS) vulnerability, which occurs via the User-Agent HTTP header. This allows for potential malicious script injection, affecting the security of the system.

Recommendations For versions prior to 0.6.0, update to version 0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the User-Agent HTTP header until the update is applied.