WordPress Landing Pages plug-in SQL injection and Cross-Site Scripting
WordPress Landing Pages plug-in SQL injection and Cross-Site Scripting
Release date:
Updated on:
Affected Systems:
WordPress Landing Pages
Description:
Bugtraq id: 74777
The WordPress Landing Pages plug-in allows you to create a site login page.
WordPress Landing Pages 1.8.4 and other versions have the SQL injection and Cross-Site Scripting Vulnerabilities. After successful exploitation, attackers can steal cookie authentication creden, and access or modify data, other vulnerabilities in the underlying database are exploited.
<* Source: Adri & #195; & #161; n M. F.
*>
Suggestion:
Vendor patch:
WordPress
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://wordpress.org/plugins/landing-pages/
This article permanently updates the link address: