Cross-site scripting (XSS) vulnerability in library/includes/payment/paypalexpress/DoDirectPayment.php in the Spotlight (spotlightyour) plugin 4.7 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the paymentType parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spotlightyour spotlightyour |