Security Advisory

CVE-2015-9438

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-26 01:22:16

Last updated 2024-08-06 08:51:05

Assigner mitre

State PUBLISHED

Description

The display-widgets plugin before 2.04 for WordPress has XSS via the wp-admin/admin-ajax.php?action=dw_show_widget id_base, widget_number, or instance parameter.

← Browse all CVEs View on cve.org ↗