CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7413 – Parallax Scroll <= 2.0.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-7413
03 Feb 2019 — In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 for WordPress, includes/adamrob-parralax-shortcode.php allows XSS via the title text. ("parallax" has a spelling change within the PHP filename.) En el plugin Parallax Scroll (también conocido como adamrob-parallax-scroll), en versiones anteriores a la 2.1 para WordPress, "includes/adamrob-parralax-shortcode.php" permite Cross-Site Scripting (XSS) mediante el texto del título. ("parallax" tiene un cambio ortográfico dentro del nombre de ... • https://metamorfosec.com/Files/Advisories/METS-2019-004-A_XSS_Vulnerability_in_Parallax_Scroll_plugin_before_v2.1_for_WordPress.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •