- It should not be possible for an attacker to inject AngularJS expressions by using curly braces. The application needs to either treat curly braces in user input as highly dangerous or avoid server-side reflection of user input entirely.
- WordPress Plugin WordPress Gallery Cross-Site Scripting (1.0)
- WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)
- WordPress Plugin SagePay Server Gateway for WooCommerce Cross-Site Scripting (1.0.8)
- WordPress Plugin Contact Form Builder by Contact Bank Cross-Site Scripting (2.0.226)
- WordPress Plugin IzeeChat-Live Chat Cross-Site Scripting (1.0)