Cross-Site Scripting Vulnerability in All in One SEO Pack for WordPress
CVE-2013-5988
6.1MEDIUM
Summary
The All in One SEO Pack plugin for WordPress is susceptible to a Cross-Site Scripting (XSS) attack due to improper handling of user-supplied data via the Search parameter. This vulnerability may allow an attacker to inject malicious scripts into the web application, potentially compromising the security of users interacting with the website.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved