The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin prior to 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg().
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shibboleth project shibboleth |