CVE-2015-9438
The CVE-2015-9438 entry concerns the WordPress display-widgets plugin. Affected product: WordPress display-widgets (plugin) versions before 2.04. Root cause: lack of input validation in the web application leads to cross-site scripting. Impact: XSS via admin-ajax.php endpoint (action=dw_show_widg...