WordPress Plugin Vulnerabilities

WP ViperGB < 1.13.16 - XSS

Description

The WP-ViperGB WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
wp-vipergb
Fixed in 1.13.16

References

CVE
CVE-2015-9356
URL
https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
c2b1f05c-34c9-4417-8e40-951c19af3cb2

Timeline

Publicly Published
2015-06-05 (about 10 years ago)
Added
2019-08-28 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-01-16
Title
The Loops <= 1.0.2 - Reflected Cross-Site Scripting
Published
2025-01-08
Title
Yumpu E-Paper publishing < 3.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-10-12
Title
Fast WP Speed <= 1.0.0 - Reflected XSS
Published
2023-07-20
Title
Gestion-Pymes <= 1.5.6 - Admin+ Stored XSS
Published
2025-04-15
Title
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor < 3.13.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode