Описание
The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter.
The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-18012
- https://packetstormsecurity.com/files/145218/WordPress-Z-URL-Preview-1.6.1-Cross-Site-Scripting.html
- https://plugins.svn.wordpress.org/z-url-preview/trunk/readme.txt
- https://wordpress.org/plugins/z-url-preview/#developers
- https://wordpress.org/support/topic/z-url-preview-1-6-1-cross-site-scripting
- https://wpvulndb.com/vulnerabilities/8990
Связанные уязвимости
CVSS3: 6.1
nvd
около 8 лет назад
The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter.