Cross-Site Scripting (XSS) Vulnerability in Brafton WordPress Plugin

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.

Learn more about our Wordpress Pen Testing.