The Related Posts for WordPress plugin up to and including 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
never5 related posts |