CVE-2015-9374 – Stripe Add-on for iThemes Exchange < 1.2.0 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2015-9374

20 Apr 2015 — Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). la extensión Stripe para iThemes Exchange antes de 1.2.0 para WordPress tiene una vulnerabilidad XSS a través de add_query_arg () y remove_query_arg (). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •