2021-09-20 10:06:24
WPScan
PUBLISHED
The Splash Header WordPress plugin before 1.20.8 doesnt sanitise and escape some of its settings while outputting them in the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue.