CVE-2018-13832

Published: 2018-07-16T20:29Z

Last Modified: 2024-11-21T03:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Multiple Persistent cross-site scripting (XSS) issues in the Techotronic all-in-one-favicon (aka All In One Favicon) plugin 4.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt