Pickplugins: >> Accordion >> 2.2.18 Security Vulnerabilities
The tab GET parameter of the settings page is not sanitised or escaped when being output back in an HTML attribute, leading to a reflected XSS issue.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-05-14