Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin prior to 2.0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mg12 wp-recentcomments 2.0.4 |
||
mg12 wp-recentcomments 2.0.3 |
||
mg12 wp-recentcomments 2.0.6 |
||
mg12 wp-recentcomments 2.0.5 |
||
mg12 wp-recentcomments 1.8.1 |
||
mg12 wp-recentcomments 1.8 |
||
mg12 wp-recentcomments 2.0.2 |
||
mg12 wp-recentcomments 2.0.1 |
||
mg12 wp-recentcomments |
||
mg12 wp-recentcomments 2.0 |
||
mg12 wp-recentcomments 1.8.2 |