CVE-2018-13832

Multiple Persistent cross-site scripting (XSS) issues in the Techotronic all-in-one-favicon (aka All In One Favicon) plugin 4.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text.
Configurations

Configuration 1

cpe:2.3:a:techotronic:all_in_one_favicon:*:*:*:*:*:wordpress:*:*

Information

Published : 2018-07-16 08:29

Updated : 2018-09-13 01:55


NVD link : CVE-2018-13832

Mitre link : CVE-2018-13832

Products Affected
No products.
CWE