CVE-2016-10984

The EchoSign plugin for WordPress (pre-1.2) is affected by a reflected XSS via the inc.php page parameter. This vulnerability is documented across multiple sources (NVD, Red Hat, CVE lists, WPVulnDB) noting the plugin version constraint and the XSS vector. No exploit or workaround details are pro...

CVE-2016-10985

The CVE-2016-10985 entry affects the WordPress EchoSign plugin (before 1.2). A reflected Cross-Site Scripting (XSS) vulnerability exists via the templates/add_templates.php id parameter. NVD records a CVSS v3.1 base score of 6.1 (NETWORK, LOW attack complexity, PR:N, UI:R, changed scope; Confiden...