Description
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_settings_save_get-users parameter.
Remediation
References
https://github.com/d4wner/Vulnerabilities-Report/blob/master/weblizar-pinterest-feeds.md
https://wpvulndb.com/vulnerabilities/9009
Related Vulnerabilities
CVE-2022-25908 Vulnerability in npm package create-choo-electron
CVE-2023-1454 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-common
CVE-2022-4111 Vulnerability in npm package tooljet
CVE-2023-45857 Vulnerability in npm package axios
CVE-2020-14340 Vulnerability in maven package org.jboss.xnio:xnio-api