← Back to CVE List
CVE-2018-16285
Published:
2018-09-06T23:29Z
Last Modified:
2024-11-21T03:52Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
The UserPro plugin through 4.9.23 for WordPress allows XSS via the shortcode parameter in a userpro_shortcode_template action to wp-admin/admin-ajax.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt