Name of the Vulnerable Software and Affected Versions:

Use-your-Drive | Google Drive plugin for WordPress versions prior to 3.3.2

Description:

The Use-your-Drive | Google Drive plugin for WordPress is susceptible to Stored Cross-Site Scripting via the `title` parameter in file metadata. Insufficient input sanitization and output escaping allow attackers to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. The issue can be exploited by the lowest authentication level permitted to upload files, including unauthenticated users, after a file upload shortcode is published on a publicly accessible post.

Recommendations:

Update Use-your-Drive | Google Drive plugin for WordPress to version 3.3.2 or later.