Description The plugin does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL
0;http://smth.me/" HTTP-EQUIV="refresh" a="a)
3) Save the post and view it. You will see that you are redirected.CPE | Name | Operator | Version |
---|---|---|---|
eq | 3.7.1 |