The Flash player widget plugin for WordPress is vulnerable to a security issue known as Content Spoofing in versions 1.3 and lower. This means that it does not properly check user input on the ‘mp3’ parameter, which could allow unauthenticated attackers to inject content into pages if they can get a user to perform an action such as clicking a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
