Themes Vulnerabilities

SoundPress < 3.0.0 - Cross-Site Scripting (XSS)

Description

XSS vulnerability in Soundpress plugin

Affected version-2.2.6
Fixed version - 3.0.0

Affects Themes

soundpress
Fixed in 3.0.0

References

URL
https://plugins.trac.wordpress.org/changeset/2170338

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher
Admavidhya N
Submitter
Admavidhya N
Verified
No
WPVDB ID
54356db9-a91a-4d05-857e-9e17bd34c41e

Timeline

Publicly Published
2019-10-09 (about 6 years ago)
Added
2019-10-09 (about 6 years ago)
Last Updated
2020-03-03 (about 6 years ago)

Other

Published
Title
Published
2026-03-23
Title
Golo - City Travel Guide WordPress Theme < 1.7.5 - Reflected Cross-Site Scripting
Published
2014-08-01
Title
Spider Calendar 1.1.0 - "many_sp_calendar" Cross-Site Scripting
Published
2017-11-08
Title
Ultimate Instagram Feed <= 1.3 - Authenticated Cross-Site Scripting (XSS)
Published
2024-03-16
Title
WooCommerce License Manager < 5.3.2 - Reflected Cross-Site Scripting
Published
2024-06-22
Title
WP eMember < 10.6.6 - Bulk Delete via CSRF