Description
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
Remediation
References
Related Vulnerabilities
MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-35623)
WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1)
WordPress Plugin Drop Shadow Boxes Security Bypass (1.7.1)
WordPress Plugin youForms for WordPress-Creating Forms for CopeCart Cross-Site Scripting (1.0.5)