CVE-2015-9495 – Syndication Links < 1.0.3 - DOM-based Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2015-9495

13 May 2015 — The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier. El plugin syndication-links versiones anteriores a 1.0.3 para WordPress, presenta una vulnerabilidad de tipo XSS por medio del identificador de anclaje del archivo genericons/example.html. The Syndication Links plugin for WordPress is vulnerable to DOM-based Cross-Site Scripting via the genericons/example.html anchor identifier in versions up to 1.0.3 due to insufficient input sanitization and ... • https://wordpress.org/plugins/syndication-links/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •