Description

WordPress Plugin WebP Express is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin WebP Express version 0.14.21 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 0.14.22 or latest

References

https://plugins.svn.wordpress.org/webp-express/trunk/README.txt

Related Vulnerabilities

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20416)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4064)

WordPress Plugin File Uploader Arbitrary File Upload (1.1)

Oracle JRE CVE-2014-2427 Vulnerability (CVE-2014-2427)

WordPress Plugin WP Auctions 'wpa_id' Parameter SQL Injection (1.8.8)

Severity

High

Tags

Missing Update