The Powerkit plugin for WordPress can be easily hacked by attackers who have contributor-level or higher permissions. This is because the plugin does not properly clean up user input and does not protect against malicious scripts. This allows the attacker to add harmful code to any page on the website, which will run whenever a user visits that page.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
