WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. WordPress CleanTalk plugin 5.173 and earlier versions have a cross-site scripting vulnerability that originates in /lib/Cleantalk/ ApbctWP/FindSpam/ListTable/Users.php. The page parameter in the column_ct_username function in /lib/Cleantalk/FindSpam/ListTable/Users.php lacks input and output data validation filters. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress cleantalk plugin | le | 5.173 |