PT-2019-7403 · WordPress · Altos-Connect
Published
2019-09-26
·
Updated
2019-09-26
·
CVE-2015-9444
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
altos-connect plugin version 1.3.0
Description
The issue concerns a cross-site scripting (XSS) problem. It affects the
wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php "PATH SELF" in the altos-connect plugin.Recommendations
For version 1.3.0, consider removing or disabling the
index.php file in the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/ directory as a temporary workaround until a patch is available.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Altos-Connect