CVE-2018-5364

Description

The WPGlobus plugin 1.9.6 for WordPress has XSS via the `wpglobus_option[browser_redirect][redirect_by_language]` parameter to `wp-admin/options.php`.

Affected packages (1)

• Packagist/wpglobus/wpglobusfrom 0, < 1.9.7

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-5364
• PATCHhttps://github.com/WPGlobus/WPGlobus
• WEBhttps://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md
• WEBhttps://wpvulndb.com/vulnerabilities/9003