Medium severity6.1NVD Advisory· Published Feb 6, 2018· Updated Jun 17, 2026
CVE-2018-6468
CVE-2018-6468
Description
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_id parameter to wp-admin/options-general.php.
Affected products
2<=5.3.1+ 1 more
- (no CPE)range: <=5.3.1
- (no CPE)range: =5.3.1
Patches
Vulnerability mechanics
References
1- github.com/AntsKnows/CVE/blob/master/WP_Plugin_Flickr-rssnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.