The Blocksy Companion plugin for WordPress can be hacked through the plugin’s Newsletter widget. This is because the plugin does not properly protect against harmful code that users may input. This allows attackers with certain permissions to add their own code to a page, which will then run whenever someone views that page.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
