The Insert Estimated Reading Time WordPress plugin has a vulnerability that allows someone with administrator access to inject web scripts into certain pages of the website. This vulnerability only affects websites that have multiple sites and those that don’t allow unfiltered html. When someone visits an injected page, the web scripts will execute.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
