2 matches found
WordPress Appointmind plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Appointmind versions = 4.1.0...
Reflected XSS with parameters in PostComment
Impact An attacker could inject malicious web code into the users' web browsers by creating a malicious link. Patches The problem is fixed in 4.2.0 References Cross-site Scripting XSS - Reflected CWE-79...