CVE-2020-25380: WordPress vulnerability

WordPress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the ‘Recall Settings’ field in admin.php. An attacker can inject JavaScript code that will be stored and executed.

References

  • zeroaptitude.com/misha/wordpress-plugin-bug-hunting-part-2/
  • Share this info: