5.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.5%
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.
secunia.com/advisories/47475
wordpress.org/extend/plugins/pay-with-tweet/changelog/
www.exploit-db.com/exploits/18330
www.osvdb.org/78205
www.securityfocus.com/bid/51308
exchange.xforce.ibmcloud.com/vulnerabilities/72166