The LINE Notify plugin for WordPress has a security vulnerability that could allow unauthenticated attackers to inject malicious web scripts into pages. This means that when a user visits the page, the malicious script will run. The vulnerability is in versions up to and including 1.4.3, and is due to the plugin not filtering or protecting the ‘uid’ parameter.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
