cleantalk
Vulnerabilities and Security Researches

Tainacan, d42c12b6343112f86350eb39724eef87c5ee8cc2

Application

Tainacan

Published on
May 24, 2022
Research Description
Tainacan [tainacan] < 0.18.10 Tainacan <= 0.18.9 - Cross-Site Scripting The plugin Tainacan for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 0.18.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max 0.18.10.
Status
vulnerable