WordPress Plugin Cookie Law Bar 1.2.1 – ‘Clb_bar_msg’ Stored Cross-Site Scripting (XSS)

8,000,000

USD Price: ~435$

The “Bar Message” text field is vulnerable to stored XSS due to unsanitized user input

an authenticated attacker can retrieve cookies / sensitive data of all Wordpress users

Category: