If the Link gets clicked, Javascript code can be executed. The HTML-injection may trick authenticated users to follow the link.
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link.
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada premium theme versions mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription.Ĭross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit 音 乐 播 放 器 plugin &attributes, Name > &attributes, &icons, &names, &description, &link, &title.
0 kommentar(er)
