Cross-Site Scripting Vulnerability in Easy Digital Downloads Htaccess Editor for WordPress
CVE-2015-9515
6.1MEDIUM
Summary
The XSS vulnerability in the Easy Digital Downloads htaccess Editor extension allows attackers to exploit the improper usage of the 'add_query_arg' function. This flaw can be leveraged to inject malicious scripts, affecting users' data integrity and privacy. It is crucial for affected users to update to the latest versions to safeguard against potential exploitation.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved