First published: Wed Aug 28 2019(Updated: )
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ithemes Easy Eu Value Added \(vat\) Taxes | <1.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2015-9368.
The severity of CVE-2015-9368 is medium, with a severity value of 6.1.
The affected software for CVE-2015-9368 is the Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before version 1.2.0 for WordPress.
The CWE ID for CVE-2015-9368 is CWE-79.
To fix CVE-2015-9368, update the Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange to version 1.2.0 or newer.