First published: Wed May 31 2023(Updated: )
A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function twttr_settings_page of the file twitter.php. The manipulation of the argument twttr_url_twitter/bws_license_key/bws_license_plugin leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.3.7 is able to address this issue. The name of the patch is e04d59ab578316ffeb204cf32dc71c0d0e1ff77c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230155.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Twitter | <=1.3.2 | |
<=1.3.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2014-125103.
The severity level of CVE-2014-125103 is medium (6.1).
The BestWebSoft Twitter Plugin up to version 1.3.2 on WordPress is affected by CVE-2014-125103.
The CWE category of CVE-2014-125103 is CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
To fix CVE-2014-125103, it is recommended to update the BestWebSoft Twitter Plugin to a version higher than 1.3.2.