WordPress Plugin Vulnerabilities

WD Instagram Feed <= 1.3.0 - XSS

Description

The 10Web Social Photo Feed WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
wd-instagram-feed
Fixed in 1.3.1

References

CVE
CVE-2018-10300
CVE
CVE-2018-10301
URL
https://packetstormsecurity.com/files/#147316/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
d5ad0449-835c-4256-b856-cfde73f47489

Timeline

Publicly Published
2018-04-23 (about 7 years ago)
Added
2019-06-26 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-01-10
Title
WP MediaTagger <= 4.1.1 - Reflected XSS
Published
2024-03-25
Title
Bold Page Builder < 4.7.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via class
Published
2014-12-03
Title
WP Statistics <= 8.4 - Unauthenticated Referer Header Stored XSS
Published
2023-03-28
Title
Video Central for WordPress <= 1.3.0 - Contributor+ Stored XSS
Published
2022-10-10
Title
Envira Gallery Lite < 1.8.4.7 - Reflected Cross-Site Scripting