2 matches found
CVE-2017-18520
The democracy-poll plugin before 5.4 for WordPress has XSS via updatel10n in admin/class.DemAdminInit.php...
CVE-2017-18520
The vulnerability is in the WordPress Democracy Poll plugin (before version 5.4). The issue is an XSS in update_l10n handled by admin/class.DemAdminInit.php. Affected component: the democracy-poll plugin for WordPress; root cause: improper sanitization/escaping in the update_l10n flow leading to ...