The Visitors WordPress plugin up to and including 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestwebsoft visitors online |