WPML <= 3.6.3 - XSS

Affects Plugin

fixed in version 4.0

References

CVE 2018-18069
URL https://0x62626262.wordpress.com/2018/10/08/sitepress-multilingual-cms-plugin-unauthenticated-stored-xss/

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Views 1485
Verified No
WPVDB ID 9698

Timeline

Publicly Published 2018-10-08 (about 1 year ago)
Added 2019-08-23 (3 months ago)
Last Updated 2019-08-23 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin