The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
averta master slider 3.5.1 |
||
averta master slider 3.2.7 |