CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4833 – Nofollow Links <= 1.0.10 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-4833
Cross-site scripting (XSS) vulnerability in the Nofollow Links plugin before 1.0.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el plugin Nofollow Links en versiones anteriores a 1.0.11 para WordPress permite a atacantes remotos inyectar secuencia de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN13582657/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000125 http://www.securityfocus.com/bid/92077 https://wordpress.org/plugins/nofollow-links/changelog https://wpvulndb.com/vulnerabilities/8580 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •