Description
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module.
Remediation
References
Related Vulnerabilities
WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8)
WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.32)
WordPress Plugin WP Coder-add custom html, css and js code Cross-Site Request Forgery (2.5.1)
Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)