XSS Vulnerability in Related Posts Plugin for WordPress
CVE-2015-9361
6.1MEDIUM
What is CVE-2015-9361?
The Related Posts plugin for WordPress is impacted by a Cross-Site Scripting (XSS) vulnerability that arises from improper handling of input via the add_query_arg() and remove_query_arg() functions. This flaw allows attackers to inject malicious scripts into web pages viewed by unsuspecting users. If exploited, users can be subjected to a range of attacks, such as session hijacking or redirection to malicious sites. Users of affected versions prior to 1.8.2 are strongly advised to update their plugins to mitigate this risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved