2 matches found
CVE-2018-1000512
Tooltipy Tooltipy tooltips for WP version 5 contains a Cross Site Scripting XSS vulnerability in Glossary shortcode that can result in could allow anybody to do almost anything an admin can. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been...
CVE-2018-1000512
Tooltipy (tooltips for WP) plugin, version 5, contains a Cross-Site Scripting (XSS) vulnerability in the Glossary shortcode. The issue could allow an attacker to perform actions comparable to an admin (as described), with exploitation noted as requiring the user to follow a link. The vulnerabilit...