The HTML5 Lyrics Karaoke Player plugin for WordPress is vulnerable to a type of cyber attack called Reflected Cross-Site Scripting. This type of attack can occur if someone is able to trick a user into clicking on a link. The plugin versions up to 2.4 are affected because they do not have the necessary security measures in place to prevent this type of attack.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
