XSS Vulnerability in Qards Plugin for WordPress via html2canvasproxy.php

XSS Vulnerability in Qards Plugin for WordPress via html2canvasproxy.php

CVE-2017-18598 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php.

Learn more about our Wordpress Pen Testing.