- It should not be possible for an attacker to inject AngularJS expressions by using curly braces. The application needs to either treat curly braces in user input as highly dangerous or avoid server-side reflection of user input entirely.
- WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
- WordPress Plugin Cherry Cross-Site Scripting (188.8.131.52)
- WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)
- WordPress Plugin 1player Cross-Site Scripting (1.3)
- WordPress Plugin Advance Categorizer Cross-Site Scripting (0.3)