2 matches found
CVE-2018-6001
The Soundy Audio Playlist plugin 4.6 and below for WordPress has Cross-Site Scripting via soundy-audio-playlist\templates\front-end.php warsdyplpreview parameter...
CVE-2018-6001
The connected sources confirm CVE-2018-6001 is a Cross-Site Scripting vulnerability in the Soundy Audio Playlist plugin for WordPress, affecting version 4.6 and earlier. The root cause is an XSS flaw in the front-end template (soundy-audio-playlist/templates/front-end.php) via the war_sdy_pl_prev...