Active Directory Integration / LDAP Integration, 6251e628a9c3ffe639b3664f20ab3124d449e8cc

CVE, Research URL: 6251e628a9c3ffe639b3664f20ab3124d449e8cc
Home page URL: Security reports for Active Directory Integration / LDAP Integration
Application: Active Directory Integration / LDAP Integration
Published on: Oct 18, 2023
Research Description: Active Directory Integration / LDAP Integration [ldap-login-for-intranet-sites] < 3.6.95 WordPress Active Directory Integration / LDAP Integration Plugin <= 3.6.94 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Active Directory Integration / LDAP Integration plugin to the latest available version (at least 3.6.95). WPScanTeam discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Active Directory Integration / LDAP Integration Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 3.6.95.
Affected versions: max 3.6.95.
Status: vulnerable