WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS

2014-11-1200:00:00

Halil Dalabasmaz

patchstack.com

EPSS

0.001

Percentile

45.9%

JSON

SupportEzzy Ticket System plugin is prone to the vulnerability that allows run XSS payloads and use sample payload to test. Also, URL input is not secure.

Solution

           Filter the input field.

References

www.exploit-db.com/exploits/35218/

EPSS

0.001

Percentile

45.9%

JSON

Related for PATCHSTACK:6E2B3AAE7AEAE30B951D7DA1F433CBC9