The WP Brutal AI plugin for WordPress, before version 2.0.1, contains a security flaw that could allow unauthenticated attackers to inject malicious web scripts into pages. This is possible because the plugin does not properly sanitize input or escape output, which can be exploited if the attackers can trick a user into clicking on a link or taking some other action.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
