WordPress.Photo.Album.Plus.Error.Log.XSS
Description
This indicates an attack attempt against a Cross-site Scripting vulnerability in WordPress Photo Album Plus.
This is due to the user input filters failing to properly sanitize the "zip" parameter value that is passed to "/wp-admin/admin.php". An attacker can exploit this to execute arbitrary script code on vulnerable systems.
Affected Products
WP Photo Album Plus (WPPA) 5.4.5
Impact
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |