Date: Mon, 6 Apr 2015 09:40:19 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE request: WordPress plugin wassup cross-site scripting vulnerability Please assign 2009 CVE identifier for WordPress plugin wassup cross-site scripting vulnerability fixed in 220.127.116.11 version, thanks. https://wordpress.org/plugins/wassup/changelog/ 18.104.22.168 Critical security and bug fix upgrade - disabled page reload triggered by WassUp screen resolution tracking. - fixed a security loophole found in main.php module. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=152760%40wassup%2Ftrunk%2Flib%2Fmain.php&old=151501%40wassup%2Ftrunk%2Flib%2Fmain.php&sfp_email=&sfph_mail= -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ