IndiaNIC FAQs Manager 1.0 - Ask Question Form question Parameter XSS

The faqs-manager WordPress plugin was affected by an Ask Question Form question Parameter XSS security vulnerability...

WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities

IndiaNIC FAQ Settings Page is vulnerable for CSRF. The Ask Question area front-end is vulnerable for XSS. It is possible to insert alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field =================== We don't need the captcha Image when we have this ...