Because of this vulnerability, the attackers can inject arbitrary web script or HTML.
Vulnerable parameters are “pages” and “hdnParentID”.
Upgrade this plugin.
Vendor | Product | Version | CPE |
---|---|---|---|
- | my_page_order | * | cpe:2.3:a:-:my_page_order:*:*:*:*:*:*:*:* |