Unvalidated input and lack of output encoding in the WP Customer Reviews WordPress plugin, versions prior to 3.4.3, lead to multiple Stored Cross-Site Scripting vulnerabilities allowing remote malicious users to inject arbitrary JavaScript code or HTML.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gowebsolutions wp customer reviews |