Cross-site scripting in SoundPress plugin for WordPress

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications

Security Advisory. This security advisory describes one low risk vulnerability.

1) Cross-site scripting. Severity: Low. CVSSv3: [PCI] CVE-ID: N/A. CWE-ID: Description. CWE-79 – Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) The disclosed vulnerability allows a….