Text only | Text with Images

WordPress Community Forum

WordPress Support => WordPress Vulnerability => Topic started by: Kailash on Jun 14, 2022, 01:11 AM

Title: Spectra WordPress Gutenberg Blocks <= 1.25.5 - XSS Vulnerability
Post by: Kailash on Jun 14, 2022, 01:11 AM
WordPress Spectra plugin <= 1.25.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Plugin name: Spectra – WordPress Gutenberg Blocks
Vulnerable versions: <= 1.25.5
Fixed in: 1.25.6
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-13

Vulnerability Details

Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Spectra plugin (versions <= 1.25.5).

Solution

Update the WordPress Spectra plugin to the latest available version (at least 1.25.6).

Plugin Link: https://wordpress.org/plugins/ultimate-addons-for-gutenberg/
Text only | Text with Images