3 matches found
EUVD-2017-9647
Malware in sbrugna...
Code injection
The raygun4wp plugin before 1.8.3 for WordPress has XSS in the settings, a different issue than CVE-2017-9288...
CVE-2017-9288
The WordPress Raygun4WP plugin (v1.8.0 and earlier) is vulnerable to a reflected XSS via sendtesterror.php (backurl parameter). Root cause: improper input handling enables injection of arbitrary script in the user’s browser, potentially leading to script execution in the site context. Affected pr...