The MomentoPress plugin for WordPress has a security flaw which can allow people with certain levels of access to insert malicious code into pages. This code could be used to harm users who visit the page. It is present in all versions up to and including 1.0.1, and can be fixed by making sure user supplied inputs are sanitized and properly escaped.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
