Cross-Site Scripting Vulnerabilities in Better WP Security Plugin for WordPress

CVE-2012-4264

Summary

The Better WP Security plugin for WordPress is vulnerable to multiple cross-site scripting (XSS) issues that can be exploited by remote attackers. These vulnerabilities stem from insufficient input validation in various server variables, allowing malicious scripts or HTML to be injected. This poses a risk to WordPress users, as it could enable attackers to execute unauthorized actions through affected instances of the plugin.

References