Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in BrainCert – HTML5 Virtual Classroom 1.30

  • Severity: medium-risk
  • Status: Open
  • Publication: November 29, 2023

The BrainCert – HTML5 Virtual Classroom plugin for WordPress is vulnerable to an attack called Reflected Cross-Site Scripting. This type of attack can allow unauthenticated attackers to inject malicious web scripts into pages. If these malicious scripts can be successfully triggered, they can execute. This vulnerability affects all versions up to and including version 1.30 of the plugin, due to inadequate sanitization and escaping of user input.

Detected in:

BrainCert Virtual Classroom fixed vulnerable versions:
BrainCert – HTML5 Virtual Classroom open vulnerable versions: >= * <= 2.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.