2023-04-17 12:17:43
WPScan
PUBLISHED
The W4 Post List WordPress plugin before 2.4.6 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting