The Custom Permalinks plugin for WordPress has a security issue in versions up to 2.6.0. This means that someone with the ability to edit content on the website can insert harmful scripts into pages that will run when someone visits that page. This can happen even if the website has disabled a security feature called ‘unfiltered_html’.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
