The MathJax LaTeX plugin for WordPress had a security issue in versions before 1.2. An attacker who could trick a site administrator into clicking a link could have changed the settings of the plugin, without the administrator’s authorization. This was possible because the plugin was missing validation to make sure the request was legitimate.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
