Posted by DefenseCode on Apr 12

DefenseCode ThunderScan SAST Advisory
53+ WordPress plugins by BestWebSoft Multiple
Cross-Site Scripting (XSS) Vulnerabilities

Advisory ID: DC-2017-02-014
Software: 53+ WordPress plugins by BestWebSoft
Software Language: PHP
Version: Various
Vendor Status: Vendor contacted, vulnerabilities confirmed
Release Date: 20170412
Risk: Medium

# Advisory Overview

BestWebSoft published more than 50 plugins to the wordpress.org site….