2 matches found
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
CVE-2017-12948
The CVE-2017-12948 issue affects the WordPress PressForward plugin, specifically Core\Admin\PFTemplater.php in version 4.3.0 and earlier. The vulnerability is a Cross‑Site Scripting (XSS) flaw via PATH_INFO reflected into wp-admin/admin.php, related to PHP_SELF. Multiple sources (Red Hat CVE entr...