A vulnerability has been found in BP Better Messages Plugin on WordPress (WordPress Plugin) and classified as problematic. Affected by this vulnerability is the function sanitize_text_field of the component Parameter Handler. Upgrading to version 1.9.9.41 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at plugins.trac.wordpress.org. The best possible mitigation is suggested to be upgrading to the latest version.
BP Better Messages Plugin prior 1.9.9.41 on WordPress Parameter sanitize_text_field subject cross site scripting
- Virtual Patching
- November 1, 2021
- 12:07 pm
- Virtual Patching
- November 1, 2021
- 12:07 pm
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker
CVE-2022-32549 : APACHE SLING COMMONS LOG/SLING API NEUTRALIZATION FOR LOGS
Description Apache Sling Commons Log