oss-sec mailing list archives
CVE request: WordPress plugin wassup cross-site scripting vulnerability
From: Henri Salo <henri () nerv fi>
Date: Mon, 6 Apr 2015 09:40:19 +0300
Please assign 2009 CVE identifier for WordPress plugin wassup cross-site scripting vulnerability fixed in 1.7.2.1 version, thanks. https://wordpress.org/plugins/wassup/changelog/ 1.7.2.1 Critical security and bug fix upgrade - disabled page reload triggered by WassUp screen resolution tracking. - fixed a security loophole found in main.php module. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=152760%40wassup%2Ftrunk%2Flib%2Fmain.php&old=151501%40wassup%2Ftrunk%2Flib%2Fmain.php&sfp_email=&sfph_mail= -- Henri Salo
Current thread:
- CVE request: WordPress plugin wassup cross-site scripting vulnerability Henri Salo (Apr 05)