28 Feb

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Raygun4WP

Two weeks ago a user, yuyang998, on the wordpress.org Support Forum disclosed that the plugin Raygun4WP has a reflected cross-site scripting (XSS) vulnerability. On the thread for their disclosure, we asked if they would be disclosing the details of them somewhere and didn’t get an answer in their response, so we will go ahead and provide the details of what appears to be...
[The rest of this post is available for our customers, learn more below.]

Our Vulnerability Details posts provide the details of vulnerabilities we didn't discover and access to them is limited to customers of our service due to other security companies trying to sponge off the work needed to create those instead of doing their own work.

For existing customers, please log in to your account to view the rest of the post.

If you are not currently a customer, you can try the service for free for the first month (there are a lot of other reason that you will want to sign up beyond access to posts like this one).

If you are a WordPress plugin security researcher please contact us to get free access to all of our Vulnerability Details posts.

Leave a Reply

Your email address will not be published. Required fields are marked *