Proxy Amp Vpn Blocker
Monthly
Stored cross-site scripting in the WordPress plugin 'Proxy & VPN Blocker' (versions up to and including 3.5.8) lets attackers persist malicious JavaScript that executes in victims' browsers when an affected page is rendered. Reported by Patchstack and carrying a CVSS 3.1 score of 7.1 with a scope change, the flaw affects all releases from an unspecified initial version through 3.5.8. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Stored cross-site scripting in the WordPress plugin 'Proxy & VPN Blocker' (versions up to and including 3.5.8) lets attackers persist malicious JavaScript that executes in victims' browsers when an affected page is rendered. Reported by Patchstack and carrying a CVSS 3.1 score of 7.1 with a scope change, the flaw affects all releases from an unspecified initial version through 3.5.8. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.