Prothemedesign: >> Browser Screenshots Security Vulnerabilities
The Browser Screenshots WordPress plugin before 1.7.6 allowed authenticated users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks as the image_class parameter of the browser-shot shortcode was not escaped.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-12