The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog
CPE | Name | Operator | Version |
---|---|---|---|
smooth_scroll_page_up\\/down_buttons | le | 1.4 |