OptionTree <= 2.5.5 - Authenticated Cross-Site Scripting (XSS)

Affects Plugin

fixed in version 2.6.0

References

URL https://security.szurek.pl/optiontree-255-reflected-xss.html

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Kacper Szurek
Submitter Ryan Dewhurst
Submitter Website https://wpscan.io
Submitter Twitter ethicalhack3r
Views 5575
Verified No
WPVDB ID 9264

Timeline

Publicly Published 2016-02-10 (over 3 years ago)
Added 2019-04-30 (3 months ago)
Last Updated 2019-04-30 (3 months ago)