Description
WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews.php, admin/editbannersuser.php, admin/editfaqscategory.php, or admin/excludeuser.php, or the offset parameter to admin/edituser.php.
Remediation
References
Related Vulnerabilities
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486)
WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.7)
WordPress Plugin WordPress File Upload Cross-Site Scripting (4.3.3)
WordPress Plugin Site Reviews Multiple Vulnerabilities (6.5.1)