WordPress Post views Stats 插件版本 <= 1.3 可能存在跨站脚本（XSS）漏洞。

The following segment is a description of the "Improper Neutralization of Input During Web Page Generation" vulnerability in cybernetikz, also known as Cross-site Scripting (XSS): 把以下段落从英文翻译成中文： Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS.This issue affects Post views Stats: from n/a through 1.3. The "Improper Neutralization of Input During Web Page Generation" vulnerability is a type of security flaw that can occur when user input is not properly sanitized and escaped before being displayed on a web page, allowing attackers to inject malicious code into the web application. This type of vulnerability is often referred to as Cross-site Scripting (XSS) and can be used by attackers to steal sensitive information or take control of the user's computer. The "Improper Neutralization of Input During Web Page Generation" vulnerability affects cybernetikz Post views Stats, which is a feature that displays statistical information about the number of views on each post in the web application. This feature allows attackers to inject malicious code into the web page through Reflected XSS, which can be used to steal sensitive information or take control of the user's computer. The severity of this vulnerability is determined by the version of cybernetikz being used. The issue affects versions 1.0 and 1.3. It is important to note that the issue has not been patched in these versions, and users are still at risk of being exploited. Therefore, it is recommended to upgrade to a newer version as soon as possible. In conclusion, this vulnerability highlights the importance of proper input validation and sanitization when working with user-generated content. It is crucial to ensure that all user input is properly escaped and sanitized to prevent potential security threats like Cross-site Scripting (XSS).

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)