The AMP ToolBox plugin for WordPress has a security vulnerability in versions up to 2.1.1 which allows unauthenticated attackers to inject malicious web scripts into webpages. This is done by taking advantage of the lack of input sanitization and output escaping of the ‘url’ parameter. If an attacker can get a user to click on a link, the malicious script can execute.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
