WordPress Plugin TablePress XML External Entity Injection - CVE-2017-10889 - Vulnerability Database

WordPress Plugin TablePress XML External Entity Injection - CVE-2017-10889

Medium

Reference: CVE-2017-10889

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-10889

Title: WordPress Plugin TablePress XML External Entity Injection

Overview:

WordPress Plugin TablePress is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause Denial-of-Service condition. WordPress Plugin TablePress version 1.8 is vulnerable prior versions may also be affected.