WordPress Plugin Vulnerabilities

PWA for WP <= 1.0.8 - XSS

Description

The PWA for WP & AMP WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
pwa-for-wp
Fixed in 1.0.9

References

URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=2057552%40pwa-for-wp&old=2041924%40pwa-for-wp

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
f737a5c7-6c40-4a75-9145-045cc707cdc0

Timeline

Publicly Published
2019-03-25 (about 7 years ago)
Added
2019-06-19 (about 6 years ago)
Last Updated
2019-06-19 (about 6 years ago)

Other

Published
Title
Published
2024-01-05
Title
Happy Addons for Elementor (Free < 3.10.0, Pro < 2.10.0) - Reflected Cross-Site Scripting
Published
2021-09-09
Title
Advance Search < 1.1.3 - Reflected Cross-Site Scripting
Published
2023-05-12
Title
Booking Ultra Pro < 1.1.7 - Subscriber+ Settings Update
Published
2025-02-05
Title
Simple Certain Time to Show Content < 1.3.1 - Reflected XSS
Published
2015-06-05
Title
Ninja Forms <= 2.9.18 - Cross-Site Scripting (XSS)