2 matches found
CVE-2017-18609
The CVE-2017-18609 entry concerns the WordPress plugin magic-fields, specifically versions before 1.7.2, which is vulnerable to cross-site scripting via the custom-write-panel-id parameter. Affected component: magic-fields plugin for WordPress. Root cause: XSS vulnerability in handling the custom...
CVE-2017-18609
The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter...