The CM Tooltip Glossary WordPress plugin prior to 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cminds tooltip glossary |