PT-2024-10564 · Unknown · Chrisy Tfo Graphviz Plugin
Chrisy
·
Published
2024-03-31
·
Updated
2024-05-17
·
CVE-2015-10131
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
chrisy TFO Graphviz Plugin versions up to 1.9
Description
A vulnerability was found in the chrisy TFO Graphviz Plugin, which is classified as problematic. The issue affects the function
admin page load/admin page of the file tfo-graphviz-admin.php, leading to cross-site scripting. The attack can be launched remotely.Recommendations
For chrisy TFO Graphviz Plugin versions up to 1.9, upgrade to version 1.10 to address this issue. As a temporary workaround, consider disabling the
admin page load/admin page function in the tfo-graphviz-admin.php file until the upgrade is applied.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Chrisy Tfo Graphviz Plugin