Cross-Site Scripting Vulnerability in wp-plotly Plugin for WordPress
CVE-2015-9347
6.1MEDIUM
Summary
The wp-plotly plugin for WordPress is susceptible to a Cross-Site Scripting (XSS) vulnerability due to improper handling of user inputs by authors. This security flaw can potentially allow attackers to inject malicious scripts, leading to unauthorized actions and data breaches when users interact with affected functionalities. It is crucial for users to update to version 1.0.3 or later to mitigate this risk.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved