The Inspirational Quote Rotator WordPress plugin through 1.0.0 does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the “Quotes list” even when the unfiltered_html capability is disallowed
CPE | Name | Operator | Version |
---|---|---|---|
inspirational_quote_rotator | le | 1.0.0 |