2 matches found
CVE-2020-29304
CVE-2020-29304 concerns the SabaiApps WordPress Directories Pro plugin (versions ≤ 1.3.45). The vulnerability arises because the plugin did not sanitize inputs during CSV import, enabling arbitrary HTML/JavaScript injection when a site administrator is prompted to import a crafted CSV file. The r...
WordPress DirectoriesPro 1.3.45 Cross Site Scripting
Title: Reflected XSS Product: WordPress DirectoriesPro Plugin by SabaiApps Vendor Homepage: https://directoriespro.com/ Vulnerable Version: 1.3.45 Fixed Version: 1.3.46 CVE Number: CVE-2020-29303 Author: Jack Misiura from The Missing Link Website: https://www.themissinglink.com.au Timeline:...