4 matches found
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
EUVD-2017-4472
Malware in sbrugna...
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
WordPress PressForward plugin <=4.3.0 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability found by Neven Biruski in WordPress PressForward plugin version 4.3.0 and earlier versions. An attacker can trick the logged in user with administrator rights to visit a link with vulnerable JavaScript and execute the malicious code. Solution At this moment...