CVE-2018-5366

描述

The WPGlobus plugin 1.9.6 for WordPress has XSS via the `wpglobus_option[more_languages]` parameter to `wp-admin/options.php`.

受影響套件(1)

• Packagist/wpglobus/wpglobusfrom 0, < 1.9.7

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-5366
• PATCHhttps://github.com/WPGlobus/WPGlobus
• WEBhttps://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md
• WEBhttps://wpvulndb.com/vulnerabilities/9003