4 matches found
EUVD-2017-9725
Malware in sbrugna...
CVE-2017-18612
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter...
Design/Logic Flaw
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter...
CVE-2017-18612
The CVE-2017-18612 entry affects WordPress plugin wp-whois-domain version 1.0.0. The issue is an XSS vulnerability in pages/func-whois.php domain parameter, caused by insufficient validation of client-side data. Exploitation is described as unauthenticated in several sources (WPVulndb/Exploits), ...