WordPress Popular Posts <= 5.3.3 is vulnerable to Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Administrator

Published
2021-07-03

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type].

CVE

https://www.cve.org/CVERecord?id=CVE-2021-36872

CVSS

Score:5.5

Severity:Medium

Version: 5.3.3

There is a patch available in v5.3.4 and we strongly recommend you update to this version as soon as possible.