2 matches found
PT-2024-39160 · WordPress · Koko Analytics
Name of the Vulnerable Software and Affected Versions: Koko Analytics plugin for WordPress versions prior to 1.3.13 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web scripts in pages. This can...
CVE-2017-20057
A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to addres...