← back
CVE-2018-10300

CVE-2018-10300

EPSS 1.0%
Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in an Instagram profile's bio.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://medium.com/%40squeal/wd-instagram-feed-1-3-0-xss-vulnerabilities-cve-2018-10300-and-cve-2018-10301-7173ffc4c271https://wpvulndb.com/vulnerabilities/9393