3 matches found
Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. id: CVE-2016-10973 info: name: Brafton WordPress Plugin 3.4.8 - Cross-Site Scripting author: Harsh severity: medium description: | The Brafton plugin...
CVE-2016-10973
Affected software: Brafton WordPress Plugin prior to 3.4.8. Vulnerability: Cross‑Site Scripting (XSS) via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. Root cause/impact: Exposes injection of malicious scripts into pages viewed by users, enabling potentia...
CVE-2016-10973
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php...