Vulnerability
The older versions of WordPress uses unsecured Escape Version in Generator Tag. This tag fails to properly sanitize the input data. This vulnerability will lead to Cross-Site Scripting. An attacker sends text-based attack scripts to exploit the interpreter in the browser. Cross-site Scripting (XSS) is a client-side code injection attack where, an attacker can execute malicious scripts into a website or web application.
Impact
The impact include:-
- Execute malicious code
- Unstable web application
Impact and Fixes
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
