- It should not be possible for an attacker to inject AngularJS expressions by using curly braces. The application needs to either treat curly braces in user input as highly dangerous or avoid server-side reflection of user input entirely.
- WordPress Plugin WP Advanced Importer Cross-Site Scripting (2.1.1)
- WordPress Plugin PixelYourSite-Facebook Pixel (Events, WooCommerce & Easy Digital Downloads) Cross-Site Scripting (5.2.1)
- WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
- WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)
- webadmin.php script