• The <strong>src</strong> parameter for one <strong>script</strong> tag from this page is dirrectly controlled by user input. An attacker who can control the reference location to a JavaScript source file can load a script of their choice into an application.

• Your script should properly sanitize user input. Do not allow user-input to control script source location references.

• 

• CWE-79

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

• XSS

• WordPress Plugin Add Custom Link to WordPress Admin Bar Cross-Site Scripting (1.0)
• WordPress Plugin SEO Redirection Multiple Cross-Site Scripting Vulnerabilities (2.8)
• WordPress Plugin Users Ultra Membership Cross-Site Scripting (1.5.78)
• WordPress Plugin Toolset Types Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.2.1.1)
• WordPress Plugin LB Tube Video for WordPress Cross-Site Scripting (1.0)