2 matches found
CVE-2018-0579
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0579
The CVE relates to the WordPress plugin “Open Graph for Facebook, Google+ and Twitter Card Tags” (prior to v2.2.4.1). A reflected XSS was reported in the wd_fb_og_error parameter on GET edits, exploitable by an authenticated WordPress administrator via crafted link. Impact is arbitrary script exe...