Medium severity6.1NVD Advisory· Published Aug 28, 2019· Updated Jun 17, 2026
CVE-2015-9370
CVE-2015-9370
Description
Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Invoices Add-on for iThemes Exchangedescription
- Range: <1.4.0
Patches
Vulnerability mechanics
References
2- blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.htmlnvdThird Party Advisory
- ithemes.com/coordinated-wordpress-plugin-security-update/nvdVendor Advisory
News mentions
0No linked articles in our index yet.