CVE-2017-15811

2017-10-23T17:29:00
ID CVE-2017-15811
Type cve
Reporter cve@mitre.org
Modified 2017-11-14T14:53:00

Description

The Pootle Button plugin before 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php.