Cross-Site Scripting Vulnerability in amtyThumb Plugin for WordPress
CVE-2017-17059
6.1MEDIUM
What is CVE-2017-17059?
A Cross-Site Scripting (XSS) vulnerability exists in the amtyThumb plugin (version 8.1.3) for WordPress. This security flaw is triggered through the manipulation of the query string in the amtyThumbPostsAdminPg.php file, allowing an attacker to inject malicious scripts. The execution of these scripts can compromise user sessions and lead to unauthorized actions within the site. It is crucial for site administrators to update or patch their installations to mitigate potential risks associated with this vulnerability.