2 matches found
CVE-2017-18012
The CVE-2017-18012 entry concerns the WordPress plugin Z-URL Preview (versions up to 1.6.1/1.6.2 per sources). The vulnerability is a Cross‑Site Scripting (XSS) attack triggered through the parameter in the file class.zlinkpreview.php (the url parameter), enabling script injection in affected pag...
CVE-2017-18012
The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter...