CVE-2015-9376 – iThemes Mobile < 1.2.8 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2015-9376

20 Apr 2015 — iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). iThemes Mobile antes de 1.2.8 para WordPress tiene una vulnerabilidad XSS a través de add_query_arg () y remove_query_arg (). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •