Date: Mon, 6 Apr 2015 09:40:19 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE request: WordPress plugin wassup cross-site scripting vulnerability Please assign 2009 CVE identifier for WordPress plugin wassup cross-site scripting vulnerability fixed in 18.104.22.168 version, thanks. https://wordpress.org/plugins/wassup/changelog/ 22.214.171.124 Critical security and bug fix upgrade - disabled page reload triggered by WassUp screen resolution tracking. - fixed a security loophole found in main.php module. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=152760%40wassup%2Ftrunk%2Flib%2Fmain.php&old=151501%40wassup%2Ftrunk%2Flib%2Fmain.php&sfp_email=&sfph_mail= -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.