RSS   Vulnerabilities for 'Wp voting contest'   RSS

2022-03-14
 
CVE-2022-0321

CWE-79
 

 
The WP Voting Contest WordPress plugin through 2.1 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue

 


Copyright 2024, cxsecurity.com

 

Back to Top