Reflected XSS Vulnerability in GamePlan Theme for WordPress (Version 1.5.13.2) due to Insufficient Input Sanitization

Reflected XSS Vulnerability in GamePlan Theme for WordPress (Version 1.5.13.2) due to Insufficient Input Sanitization

CVE-2018-11568 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the '<' and '>' characters have &lt; and &gt; representations.

Learn more about our Wordpress Pen Testing.