Headline
CVE-2015-10013: Update for xss vulnerability, https://make.wordpress.org/plugins/2015… · WebDevStudios/taxonomy-switcher@e1a0d99
A vulnerability was found in WebDevStudios taxonomy-switcher Plugin up to 1.0.3. It has been classified as problematic. Affected is the function taxonomy_switcher_init of the file taxonomy-switcher.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.4 is able to address this issue. It is recommended to upgrade the affected component. VDB-217446 is the identifier assigned to this vulnerability.
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
Tags: taxonomy, taxonomies, term, terms, category, categories, convert, converter, tag, tags, custom taxonomy, custom taxonomies, switch taxonomies
Requires at least: 3.5
Tested up to: 3.8.1
Stable tag: 1.0.1
Stable tag: 1.0.2
License: GNU AGPLv3
License URI: http://www.gnu.org/licenses/agpl-3.0.html
@@ -42,6 +42,9 @@ Please keep in mind, if parent isn’t set, or you don’t specify a comma-separated
== Changelog ==
= 1.0.2 =
* Update for xss vulnerability, https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage
= 1.0.1 =
* Add ability to switch comma-separated list of term IDs.