An XSS vulnerability in qcopd-shortcode-generator.php in the Simple Link Directory plugin prior to 7.3.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML, because esc_html is not called for the "echo get_the_title()" or "echo $term->name" statement.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quantumcloud simple link directory |