- Home
- CVEs with nessus.description==The version of the Traffic Analyzer plugin for WordPress installed on the remote host fails to properly sanitize user-supplied input to the 'aoid' parameter of the 'ta_loaded.js.php' script before using it to generate dynamic HTML output. An attacker can leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top