CVE-2017-18612

CVE-2017-18612

EPSS 1.0%

The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://rastating.github.io/wp-whois-domain-reflected-xss/https://wordpress.org/plugins/wp-whois-domain/#developers