A plugin called “Bulk YouTube Post Creator” used in WordPress is at risk for a type of attack called “Reflected Cross-Site Scripting”. This is because it doesn’t properly clean up the information it receives and sends out. This means that someone who is not logged in to the website can insert harmful code into a page if they can trick a user into clicking on a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
