Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by Rasi Afeef (Patchstack Alliance) in WordPress CallRail Phone Call Tracking plugin (versions <= 0.4.9).
Update the WordPress CallRail Phone Call Tracking plugin to the latest available version (at least 0.4.10).
CPE | Name | Operator | Version |
---|---|---|---|
callrail phone call tracking | le | 0.4.9 |