WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting
WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter. id: CVE-2019-19134 info: name: WordPress Hero Maps Premium =2.2.2 or apply the vendor-provided patch to fix the XSS...