The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues
CPE | Name | Operator | Version |
---|---|---|---|
workscout | lt | 2.0.33 | |
workscout_core | lt | 1.3.4 |