WordPress Plugin Vulnerabilities

Claptastic clap! Button <= 1.3 - Authenticated Cross-Site Scripting (XSS)

Description

The claptastic-clap-button WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
claptastic-clap-button
No known fix

References

URL
https://packetstormsecurity.com/files/#136443/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
f7818130-7a93-4d05-a904-ebcf681da5a8

Timeline

Publicly Published
2016-03-28 (about 10 years ago)
Added
2016-03-30 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2024-04-15
Title
WP TradingView <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-10-15
Title
Omnipress < 1.5.0 - Contributor+ Stored XSS
Published
2025-03-28
Title
Leaky Paywall < 4.21.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-02-26
Title
BuddyBoss Platform < 2.8.00 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'link_title'
Published
2024-03-06
Title
Prime Slider – Addons For Elementor < 3.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fiestar Widget