PT-2022-7847 · WordPress · Infinitewp Client Plugin

Yorick Koster

Published

2022-07-23

Updated

2022-07-29

CVE-2016-15004

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions InfiniteWP Client Plugin versions 1.5.1.3 through 1.6.0

Description A critical issue has been found, affecting an unknown functionality, which leads to injection when manipulated. The attack can be launched remotely.

Recommendations For InfiniteWP Client Plugin versions 1.5.1.3 through 1.6.0, upgrade to version 1.6.1.1 to address this issue.

Exploit

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2016-15004

Affected Products

Infinitewp Client Plugin

PT-2022-7847 · WordPress · Infinitewp Client Plugin

CVE-2016-15004

Weakness Enumeration

Related Identifiers

Affected Products

References · 6