In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 for WordPress, includes/adamrob-parralax-shortcode.php allows XSS via the title text. ("parallax" has a spelling change within the PHP filename.)
References
Configurations
History
No history.
Information
Published : 2019-02-05 18:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-7413
Mitre link : CVE-2019-7413
CVE.ORG link : CVE-2019-7413
JSON object : View
Products Affected
parallax_scroll_project
- parallax_scroll
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')