The Slimstat Analytics WordPress plugin prior to 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated malicious users to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wp-slimstat slimstat analytics |