The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-12-23T02:00:00Z

Updated: 2024-09-17T04:04:49.966Z

Reserved: 2018-12-22T00:00:00Z

Link: CVE-2018-20368

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-23T02:29:00.297

Modified: 2024-11-21T04:01:20.103

Link: CVE-2018-20368

cve-icon Redhat

No data.