WordPress Plugin Vulnerabilities
Accelerated Mobile Pages < 1.0.93 - Unautenticated Reflected Cross-Site Scripting
Description
The plugin is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter due to insufficient input sanitization and output escaping on the executed JS file. T
Affects Plugins
Fixed in 1.0.93 References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
stealthcopter
Verified
No
WPVDB ID
Timeline
Publicly Published
2024-01-22 (about 2 years ago)
Added
2024-01-24 (about 2 years ago)
Last Updated
2024-01-24 (about 2 years ago)
WPScan 