CVE-2017-18012

CVE-2017-18012

EPSS 1.5%

The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://packetstormsecurity.com/files/145218/WordPress-Z-URL-Preview-1.6.1-Cross-Site-Scripting.html https://plugins.svn.wordpress.org/z-url-preview/trunk/readme.txt https://wordpress.org/plugins/z-url-preview/#developers https://wordpress.org/support/topic/z-url-preview-1-6-1-cross-site-scripting/https://wpvulndb.com/vulnerabilities/8990