Security for everyone

CVE-2015-2807 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Navis DocumentCloud plugin for WordPress affects v. before 0.1.1.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one




The Navis DocumentCloud plugin for WordPress is a popular plugin commonly used by individuals and organizations alike to easily upload and manage documents in their WordPress websites. This plugin proves to be an effective tool for managing and sharing documents across multiple platforms and ensuring reliable document management for WordPress websites. Navis DocumentCloud is an ideal choice for businesses that require a secure and straightforward way to upload and manage their important documents.

However, this plugin was recently discovered to have a vulnerability that can be exploited by attackers to execute arbitrary web scripts or HTML. This vulnerability, designated as CVE-2015-2807, is found within the js/window.php file in the Navis DocumentCloud plugin, and can be triggered remotely by an attacker who exploits a weak point in the wpbase parameter. As a result, if left unaddressed, attackers can insert malicious code into the affected WordPress websites, compromising their security, availability, and confidentiality.

When this vulnerability is exploited, it could result in several attacks that could seriously impact the security of your digital assets. It could lead to identity theft, loss of confidential data, injection of malware, or even an entire website takeover. As a result, all affected sites would be considered at significant risk, and measures must be taken to mitigate the damage.

In conclusion, thanks to the pro features of the platform, it is now quite easy to identify and deal with vulnerabilities that pose threats to your digital assets. By using the platform, business owners and site managers can ensure the safety and security of their digital assets by detecting and addressing vulnerabilities promptly and effectively. Give your site the security it deserves by leveraging today.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture