Cross-site scripting (XSS) vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/content-cards/#developers | Release Notes Vendor Advisory |
https://wpvulndb.com/vulnerabilities/8971 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-12-03T19:00:00
Updated: 2017-12-04T10:57:01
Reserved: 2017-12-03T00:00:00
Link: CVE-2017-17096
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-12-03T19:29:00.190
Modified: 2017-12-21T17:05:32.827
Link: CVE-2017-17096
JSON object: View
Redhat Information
No data.
CWE