The Xili-Tidy-Tags plugin for WordPress is not secure in versions up to and including 1.12.03. A hacker could send a malicious link to a website administrator and if they click on it, it could allow the hacker to import content without being authorized. This is due to the plugin not having the correct security measures, such as a nonce validation, in place.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
