SupportFlow <= 0.6 - Stored Cross-Site Scripting (XSS)

2016-06-2800:00:00

Anonymous

wpscan.com

0.001 Low

EPSS

Percentile

36.3%

The SupportFlow WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability.

CPENameOperatorVersion
supportflowlt0.7

CPE	Name	Operator	Version
	supportflow	lt	0.7

References

github.com/SupportFlow/supportflow/commit/c08d376072f093b650c49dcb44124f43ea0177b1

github.com/SupportFlow/supportflow/commit/c507cc863d161f87c28d0682714bf188ffac1a67

hackerone.com/reports/145086

hackerone.com/reports/145091

0.001 Low

EPSS

Percentile

36.3%

Related for WPVDB-ID:1B5BB8D1-AE43-4589-978E-A86E5A523A79