Description
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom css-js-php Cross-Site Request Forgery (2.0.7)
WordPress Plugin Ultimate TinyMCE Multiple Unspecified Vulnerabilities (5.0)
WordPress Plugin Splashing Images Multiple Vulnerabilities (2.1)
Apache HTTP Server Other Vulnerability (CVE-1999-0926)
WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0)