Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can
References
Configurations
History
No history.
Information
Published : 2017-11-17 05:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-1000225
Mitre link : CVE-2017-1000225
CVE.ORG link : CVE-2017-1000225
JSON object : View
Products Affected
relevanssi
- relevanssi
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')