Text only | Text with Images

WordPress Community Forum

WordPress Support => WordPress Vulnerability => Topic started by: Kailash on Jun 15, 2022, 10:06 AM

Title: WordPress Woody Code Snippets plugin <= 2.4.5 - XSS Vulnerability
Post by: Kailash on Jun 15, 2022, 10:06 AM
WordPress Woody Code Snippets plugin <= 2.4.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Plugin name: Woody code snippets – Insert Header Footer Code, AdSense Ads
Vulnerable versions: <= 2.4.5
Fixed in: 2.4.6
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-14

Vulnerability Details

Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Woody Code Snippets plugin (versions <= 2.4.5).

Solution

Update the WordPress Woody Code Snippets plugin to the latest available version (at least 2.4.6).

Plugin Link: https://wordpress.org/plugins/insert-php/
Text only | Text with Images