2 matches found
WordPress Gwolle Guestbook plugin <= 4.1.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Gwolle Guestbook plugin versions = 4.1.2. Solution Update the WordPress Gwolle Guestbook plugin to the latest available version at least 4.2.0...
PT-2021-15525 · Unknown · File-Upload-With-Preview
Name of the Vulnerable Software and Affected Versions: file-upload-with-preview versions prior to 4.2.0 Description: The issue allows a file containing malicious JavaScript code in its name to be uploaded, but this requires a user to be tricked into uploading such a file. Recommendations: For...