The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard
CPE | Name | Operator | Version |
---|---|---|---|
multisite_content_copier\\/updater | lt | 2.1.2 |