WordPress Plugin Vulnerabilities

Alpine PhotoTile for Instagram <= 1.2.7.5 - Authenticated Cross-Site Scripting (XSS)

Description

The alpine-photo-tile-for-instagram WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
alpine-photo-tile-for-instagram
Fixed in 1.2.7.6

References

CVE
CVE-2015-9432
URL
http://cinu.pl/research/wp-plugins/mail_8af3902b4f3a5d06304937c7eab1ee35.html
URL
http://blog.cinu.pl/2015/11/php-static-code-analysis-vs-top-1000-wordpress-plugins.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.5 (medium)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
e8066d29-04f4-4fb8-b920-3c8a06a8fba5

Timeline

Publicly Published
2015-08-20 (about 10 years ago)
Added
2015-11-23 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2021-09-15
Title
Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting
Published
2023-12-21
Title
Post SMTP < 2.8.7 - Reflected Cross-Site Scripting
Published
2025-03-24
Title
AvaiBook <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2025-08-14
Title
WP Table Builder < 2.0.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-06-26
Title
Lana Shortcodes < 1.2.0 - Contributor+ Stored XSS