2 matches found
CVE-2018-5285
The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.
CVE-2018-5284
The ImageInject plugin 1.15 for WordPress has XSS via the flickr_appid parameter to wp-admin/options-general.php.