The QR Redirector WordPress plugin prior to 1.6.1 does not sanitise and escape some of the QR Redirect fields, which could allow users with a role as low as Contributor perform Stored Cross-Site Scripting attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qr redirector project qr redirector |