Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pojo activity log |