The Simple Spoiler plugin for WordPress versions 1.2 to 1.3 has a security issue that allows anyone to run any code they want. This happens because the plugin automatically runs any code that is written in the comments section. This means that people who are not logged in or authorized can run any code they want.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
