WordPress Plugin Vulnerabilities

Code Snippets < 2.7.0 - Authenticated Reflected Cross-Site Scripting (XSS)

Description

The Code Snippets WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
code-snippets
Fixed in 2.7.0

References

URL
https://seclists.org/fulldisclosure/2016/Jul/60
URL
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_code_snippets_wordpress_plugin.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
a7ebb9e7-4243-4531-9f05-2475a164d74b

Timeline

Publicly Published
2016-07-24 (about 9 years ago)
Added
2016-07-25 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2024-10-21
Title
Banner Slider <= 2.1 - Reflected Cross-Site Scripting
Published
2026-02-04
Title
Robin Image Optimizer < 2.0.3 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
Published
2025-04-01
Title
WP Cleaner <= 1.1.5 - Reflected Cross-Site Scripting
Published
2025-04-09
Title
WooCommerce Sales MIS Report <= 4.0.3 - Reflected Cross-Site Scripting
Published
2024-06-20
Title
The Plus Addons for Elementor Page Builder < 5.6.0 - Reflected Cross-Site Scripting via WP Login and Register Widget