22 matches found
Pressforward <= 5.2.3 - Reflected Cross-Site Scripting (XSS)
The plugin does not sanitise the $SERVER'QUERYSTRING' before outputting it back in the page, leading to a reflected Cross-Site Scripting issue. The issue was initially reported in v4.3.0 but was never fixed, and is still affecting v5.2.3...
WordPress PressForward plugin <= 5.2.3 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by DefenseCode in WordPress PressForward plugin versions = 5.2.3. Solution Update the WordPress PressForward plugin to the latest available version at least 5.2.4...