Wp Plugin Stripshow

Plugin Details

Plugin Name: wp-plugin : stripshow
Effected Version : 2.5.2 (and most probably lower version's if any)
Vulnerability : Injection
Minimum Level of Access Required : Administrator
CVE Number :
Identified by : Anantshri
WPScan Reference URL

Disclosure Timeline

Technical Details


Here the parameter “story” is susceptible. However the risk is limited as this is only possible for administrators.