Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui 4.6.18

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 26, 2023

The Molongui plugin for WordPress has a security vulnerability which allows unauthenticated attackers to inject malicious code into web pages. This code will be executed every time a user visits the affected page. The vulnerability is present in all versions of the Molongui plugin up to version 4.6.18, because the plugin does not properly sanitize user input or escape output.

Detected in:

Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui fixed vulnerable versions: >= * <= 4.6.19
Author Box, Guest Author and Co-Authors for Your Posts – Molongui fixed vulnerable versions:
Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.