The MP3-jPlayer plugin for WordPress has a security vulnerability which can allow unauthenticated attackers to inject malicious web scripts into pages. This is due to the ‘mp3’ parameter not being properly sanitized in versions up to 1.8.11. If a user is tricked into performing an action such as clicking on a link, these malicious web scripts can be executed.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
