Cross-Site Scripting Vulnerability in WP Favorite Posts Plugin by WordPress
CVE-2016-1160
6.1MEDIUM
Summary
The WP Favorite Posts plugin for WordPress has a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This security flaw exists due to unspecified vectors, potentially compromising user data and website integrity. It's crucial for users of the affected versions to promptly update to version 1.6.6 or later to safeguard against this vulnerability.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved