- Lana Codes
- Common Vulnerabilities
MashShare by WPChill <= 3.8.6 - Contributor+ Stored XSS
LANACOMMONVDB ID: 8bbbc580-58c5-4356-851f-dda197d1549f
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
You must be log in to view vulnerability details.
Or register a new account.