Description The plugin does not sanitise and escape a parameter before outputting it back in the page containing a specific content, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
On a post/page where containing the following output (which can be as txt in the post content): “id”:““customThumbnail”:”", make a logged in admin open the URL below: https://example.com/related-page-post/?hash=*(?:'>)*
CPE | Name | Operator | Version |
---|---|---|---|
eq | 3.9.2 |