CVE-2018-16173 – LearnPress <= 3.0.12 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2018-16173

Cross-site scripting vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad Cross-Site Scripting (XSS) en versiones anteriores a la 3.1.0 de LearnPress permite a atacantes remotos inyectar scripts web o HTML arbitrarios utilizando vectores no especificados. • https://jvn.jp/en/jp/JVN85760090/index.html https://wordpress.org/plugins/learnpress • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •