Summary
This host is installed with WordPress WHOIS plugin and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to WordPress WHOIS Plugin version 1.4.2.3 or later For updates refer to http://wordpress.org/extend/plugins/wordpress-whois-search/download/
Insight
The flaw is caused by an input validation error in the 'domain' parameter in '/wp-content/plugins/wordpress-whois-search/wp-whois-ajax.php' when processing user-supplied data.
Affected
WordPress WHOIS Plugin version prior to 1.4.2.3
References