The NextScripts plugin for WordPress is not properly protecting itself from malicious code in versions up to, and including, 4.4.2. This vulnerability means that an unauthenticated attacker can inject web scripts into pages, which will execute if they can get a user to perform an action like clicking on a link. This could potentially cause harm to the user and the website.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
