Vulnerabilities
Vulnerable Software
Webtechideas:  Security Vulnerabilities
A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.
CVSS Score
4.8
EPSS Score
0.002
Published
2020-05-05
The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-10-10


Contact Us

Shodan ® - All rights reserved