WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is an application plugin for WordPress. WordPress Amelia Plugin 1.0.46 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the program’s failure to properly filter the lastName parameter in the ~/src/Application/ Controller/User/Customer/AddCustomerController.php file to filter the lastName parameter properly. An attacker could use this vulnerability to inject arbitrary web scripts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress amelia plugin | le | 1.0.46 |