2 matches found
WordPress Qards - Cross-Site Scripting
WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php. id: CVE-2017-18598 info: name: WordPress Qards - Cross-Site Scripting author: pussycat0x severity: medium description: WordPress Qards...
CVE-2017-18598
CVE-2017-18598 : WordPress Qards plugin (through 2017-10-11) contains a cross-site scripting vulnerability in html2canvasproxy.php where a remote document is specified via the URL parameter. Exploitation could allow an attacker to inject scripts into pages viewed by users, potentially stealing da...