Stored Cross-Site Scripting vulnerability found by wpl0v3r in WordPress ImageInject plugin (version 1.15). Vulnerable via the flickr_appid parameter to wp-admin/options-general.php.
1/9/2018 - we were unable to find a patched version of the plugin. Dangerous to use.
CPE | Name | Operator | Version |
---|---|---|---|
imageinject | eq | 1.15 |