WordPress Plugin Vulnerabilities

WP Advanced Comment <= 0.10 - Stored Cross-Site Scripting (XSS)

Description

The WP Advanced Comment WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
wp-advance-comment
Fixed in 0.11

References

Exploitdb
39548

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
de2171b5-bb43-4fe4-a54c-719eadbae365

Timeline

Publicly Published
2016-03-10 (about 10 years ago)
Added
2016-03-13 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2025-05-07
Title
NEX-Forms – Ultimate Form Builder – Contact forms and much more < 8.9.2 - Authenticated (Custom) Stored Cross-Site Scripting
Published
2024-03-25
Title
Astra < 4.6.9 - Contributor+ Stored XSS
Published
2025-01-16
Title
ePermissions <= 1.2 - Reflected Cross-Site Scripting
Published
2014-08-01
Title
WP Lead Management 3.0.0 - Script Insertion Vulnerabilities
Published
2023-07-17
Title
Bubble Menu < 3.0.5 - Admin+ Stored XSS