CVE-2015-10118

Name of the Vulnerable Software and Affected Versions cchetanonline WP-CopyProtect versions up to 3.0.0

Description A vulnerability was found in the function CopyProtect options page of the file wp-copyprotect.php. The manipulation of the argument CopyProtect nrc text leads to cross-site scripting. The attack can be initiated remotely. Upgrading to version 3.1.0 is able to address this issue.

Recommendations For cchetanonline WP-CopyProtect versions up to 3.0.0, upgrade to version 3.1.0 to address the issue. As a temporary workaround, consider restricting access to the CopyProtect options page function until the upgrade is applied. Avoid manipulating the CopyProtect nrc text argument in the affected file until the issue is resolved.