WordPress Plugin Vulnerabilities

SEO Friendly Images <= 3.0.4 - Cross-Site Scripting (XSS)

Description

The SEO Friendly Images WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
seo-image
Fixed in 3.0.5

References

URL
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=1058363%40seo-image&old=1056220%40seo-image&sfp_email=&sfph_mail=

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6ad6caa8-dfd6-47eb-b693-2eb1ffa6c3de

Timeline

Publicly Published
2015-01-03 (about 11 years ago)
Added
2015-01-03 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2026-03-06
Title
DA Media GigList <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'list_title' Shortcode Attribute
Published
2025-01-07
Title
F4 Post Tree < 1.1.19 - Reflected Cross-Site Scripting
Published
2025-01-05
Title
Paytm Payment Donation < 2.3.2 - Reflected Cross-Site Scripting
Published
2024-11-17
Title
WordPress GDPR < 2.0.3 - Unauthenticated Stored Cross-Site Scripting
Published
2023-04-18
Title
BBSpoiler < 2.02 - Contributor+ Stored XSS