1 results (0.006 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.15 versions. The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping on the $setacrionpage value. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-15-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •