WordPress Plugin Vulnerabilities

WP Super Cache < 1.4.3 - Stored Cross-Site Scripting (XSS)

Description

The WP Super Cache WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
wp-super-cache
Fixed in 1.4.3

References

URL
https://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.2 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
b224d46b-37f1-41c1-b332-42d4a408d125

Timeline

Publicly Published
2015-04-07 (about 11 years ago)
Added
2015-04-07 (about 11 years ago)
Last Updated
2026-04-13 (about 1 month ago)

Other

Published
Title
Published
2025-01-16
Title
Event Countdown Timer Plugin by TechMix <= 1.4 - Reflected Cross-Site Scripting
Published
2014-08-01
Title
Group Documents 1.2.1 - Document Upload Multiple Field Stored XSS
Published
2024-05-21
Title
LearnPress – WordPress LMS Plugin < 4.2.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
Published
2021-08-11
Title
Software License Manager < 4.4.8 - Reflected Cross-Site Scripting
Published
2016-07-18
Title
Dwnldr 1.0 - Unauthenticated Stored Cross-Site Scripting (XSS)