First published: Thu Apr 07 2011(Updated: )
Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouch_settings parameter to include/adsense-new.php. NOTE: some of these details are obtained from third party information.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bravenewcode Wptouch | =1.9.19.4 | |
Bravenewcode Wptouch | =1.9.20 | |
WordPress WordPress |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.