Donorbox: >> Donorbox >> 7.1.5 Security Vulnerabilities
The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed
CVSS Score
4.8
EPSS Score
0.023
Published
2022-04-25