WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. A cross-site scripting vulnerability exists in versions of the WordPress CP Blocks plugin prior to 1.0.15, which stems from the plugin’s failure to clean and escape its “License ID” setting. A highly privileged attacker could exploit this vulnerability to perform cross-site scripting attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress cp blocks | lt | 1.0.15 |