CloudFlare <= 1.3.20 - Authenticated Cross-Site Scripting (XSS)

Affects Plugin

fixed in version 1.3.21

References

PacketStorm 136444
URL https://plugins.trac.wordpress.org/changeset/1380592/cloudflare

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Sachin Wagh
Views 6656
Verified No
WPVDB ID 8428

Timeline

Publicly Published 2016-03-28 (over 4 years ago)
Added 2016-03-30 (over 4 years ago)
Last Updated 2020-02-20 (5 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin