Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Pagination by BestWebSoft – Customizable WordPress Content Splitter and Navigation Plugin 1.2.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 23, 2023

The Pagination by BestWebSoft plugin for WordPress is vulnerable to a security issue known as Stored Cross-Site Scripting. This is an issue where malicious scripts can be added to pages which will be executed when a user accesses the page. This only affects certain WordPress installations; those which are multi-site or have disabled a particular feature known as unfiltered_html. The vulnerability is present in all versions up to and including 1.2.2, due to the plugin not properly sanitizing input or properly escaping output. To protect against this, ensure the plugin is updated to the latest version.

Detected in:

Pagination by BestWebSoft – Customizable WordPress Content Splitter and Navigation Plugin fixed vulnerable versions: >= * <= 1.2.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.