An XSS issue exists in the checklist plugin prior to 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
checklist checklist |