The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xcloner xcloner 3.1.1 |
||
xcloner xcloner 3.5.1 |