Key Information Vulnerability Description - Vulnerability Type: Cross Site Scripting (XSS) - Affected Plugin: WordPress CaptionPix Plugin - Affected Versions: <= 1.8 - Priority: Medium priority - Risk: This vulnerability is moderately dangerous and expected to become exploited. Remediation - Automated Mitigation: Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. - Remove and Replace Software: This software was last updated over a year ago and will likely not receive further updates or fixes. Details - Software: CaptionFix - Type: Plugin - Vulnerable Versions: <= 1.8 - Fix Available: No Timeline - Report Date: 20 May 2023 - Early Warning Sent to Patchstack Customers: 29 Jun 2023 - Disclosure Date: 29 Jul 2023 Additional Notes - Software Likely Abandoned: This software is likely abandoned! - Recommendation: Urgently consider replacing the software with an alternative.