mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-24 15:54:10 +02:00
0xMarcio
843 B
843 B
CVE-2018-10301
Description
Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.
POC
Reference
- https://medium.com/@squeal/wd-instagram-feed-1-3-0-xss-vulnerabilities-cve-2018-10300-and-cve-2018-10301-7173ffc4c271
- https://wpvulndb.com/vulnerabilities/9393