Description

WordPress Plugin DMSGuestbook is prone to multiple vulnerabilities, which can be exploited by malicious users to disclose sensitive information or to manipulate data, and by malicious people to conduct cross-site scripting and script insertion attacks.

Remediation

Update to plugin version 1.10.0 or latest

References

http://www.exploit-db.com/exploits/5035/

http://www.securityfocus.com/archive/1/487437

http://secunia.com/advisories/28759/

Related Vulnerabilities

WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (2021.17)

Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-33816)

Internet Information Services Other Vulnerability (CVE-2004-0205)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)

Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940)

Severity

High

Classification

CVE-2008-0615 CVE-2008-0616 CVE-2008-0617 CVE-2008-0618 CWE-22 CWE-79 CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update