Xss Cross Site Scripting vulnerability | WordPress.org

Resolved daknour
(@daknour)

8 years, 1 month ago

I have seen there is a XSS vulnerability in version 2.7.1 that may have not been solved in version 2.7.2 (https://www.intelligentexploit.com/view-details.html?id=22732). I have not seen anything about it here. Are you aware of it? Is it fixed in version 2.7.2?

https://wordpress.org/plugins/agp-font-awesome-collection/

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Alexey Golubnichenko
(@agolubnichenko)

8 years, 1 month ago

Hi, daknour

It’s done in version 2.7.3 now.

But I don’t understand, what a harm this vulnerability can bring, if access to these pages is locked with a password to WP admin panel. If this password already has been hacked, it no longer makes sense to use this vulnerability. Does not it? 🙂

With kind regards!
Alexey

Plugin Author Alexey Golubnichenko
(@agolubnichenko)

8 years, 1 month ago

Currently I mark this topic as resolved. If you have other questions or comments you can reopen this topic or create a new one.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Xss Cross Site Scripting vulnerability’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: Alexey Golubnichenko
Last activity: 8 years, 1 month ago
Status: resolved