The Recently Viewed Products plugin for WordPress is not secure in versions up to 1.0.0. This means that unauthenticated attackers can use the ‘rvpguest’ cookie to inject a malicious code into the system. If additional plugins or themes are installed, the attacker could be able to delete files, access confidential information, or run code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
