Spam Byebye <= 2.2.1 is vulnerable to Cross-Site Scripting (XSS) vulnerability

Unauthenticated

Published
2019-01-13

Cross-site scripting vulnerability in WordPress plugin spam-byebye 2.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE

https://www.cve.org/CVERecord?id=CVE-2018-16206

CVSS

Score:6.1

Severity:Medium

Version: 2.2.1

There is a patch available in v2.2.2 and we strongly recommend you update to this version as soon as possible.