WordPress Plugin Vulnerabilities

Add Any Extension to Pages <= 1.3 - XSS

Description

The Add Any Extension to Pages WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
add-any-extension-to-pages
Fixed in 1.4

References

URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=1637848%40add-any-extension-to-pages&old=1547657%40add-any-extension-to-pages

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
214b59c3-5411-4137-b1a7-3bba417e495b

Timeline

Publicly Published
2017-04-14 (about 9 years ago)
Added
2019-06-20 (about 6 years ago)
Last Updated
2019-06-20 (about 6 years ago)

Other

Published
Title
Published
2025-01-16
Title
blu Logistics <= 1.0.0 - Reflected Cross-Site Scripting
Published
2025-03-17
Title
WP Email Delivery <= 1.20.11.23 - Reflected XSS
Published
2024-06-22
Title
if-so < 1.8.0.4 - Admin+ Stored XSS
Published
2024-03-25
Title
Co-marquage service-public.fr < 0.5.72 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Published
2022-02-14
Title
LoginPress < 1.5.12 - Reflected Cross-Site Scripting