The Virtue theme for WordPress has a security issue where a post author’s name can be used to inject harmful code on the website. This can happen if the latest post feature is enabled on the homepage. This can allow attackers with certain access levels to add malicious code that will run when a user visits a page.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
