The new-year-firework WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
http://www.example.com/wp-content/plugins/new-year-firework/firework/index.php?text=“><”
CPE | Name | Operator | Version |
---|---|---|---|
new-year-firework | eq | * |