Multiple cross-site scripting (XSS) vulnerabilities in callback.php in the efence plugin 1.3.2 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) zoneid, (3) pubKey, or (4) privKey parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
efence project efence |