1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: WordPress Yellow Pencil Visual Theme Customizer Plugin XSS 2

Attack: WordPress Yellow Pencil Visual Theme Customizer Plugin XSS 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a XSS vulnerability in WordPress Yellow Pencil Visual Theme Customizer Plugin.

Additional Information

Wordpress Yellow Pencil Visual Theme Customizer Plugin lets users customise any page and theme without coding. It suffers from a XSS vulnerability that can be exploited to insert malicious data on the website running the vulnerable version of the plugin.

Affected

  • All versions of the plugin

Response

The plugin should be uninstalled immediately
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube