CVE-2016-11012 – Sola Support Tickets < 3.13 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2016-11012

The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS. El plugin sola-support-tickets versiones anteriores a 3.13 para WordPress, presenta un control de acceso incorrecto para /wp-admin con una vulnerabilidad de tipo XSS resultante. • https://wordpress.org/plugins/sola-support-tickets/#developers https://wpvulndb.com/vulnerabilities/8389 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •