WordPress Plugin Vulnerabilities

DW Question & Answer <= 1.4.2.2 - Stored Cross-Site Scripting (XSS)

Description

The DW Question & Answer WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
dw-question-answer
Fixed in 1.4.2.3

References

URL
https://www.peerlyst.com/posts/dw-question-answer-xss-vulnerability-rahul-pratap-singh

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
7fc351ef-2cd7-40e4-8ad0-71c73350a3b5

Timeline

Publicly Published
2016-03-11 (about 10 years ago)
Added
2016-03-13 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2022-12-06
Title
WordPress Filter Gallery Plugin < 0.1.6 - Admin+ Stored XSS
Published
2025-01-07
Title
MT Addons for Elementor < 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-05-29
Title
Verge3D < 4.9.4 - Reflected Cross-Site Scripting
Published
2015-02-02
Title
WordPress Calls to Action <= 2.2.7 - Stored XSS
Published
2025-01-16
Title
Simple Custom post type custom field <= 1.0.3 - Reflected Cross-Site Scripting