3 matches found
CVE-2017-16758
Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...
CVE-2017-16758
Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...
CVE-2017-16758
CVE-2017-16758 affects WordPress via the Ultimate Instagram Feed plugin up to version 1.3, in the admin/partials/uif-access-token-display.php file. The vulnerability is an XSS in which the attacker can inject script/HTML through the access_token parameter, with evidence of a PoC demonstrating ref...