Medium severity6.1NVD Advisory· Published Feb 6, 2018· Updated Jun 17, 2026
CVE-2018-6469
CVE-2018-6469
Description
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_tags parameter to wp-admin/options-general.php.
Affected products
2= 5.3.1+ 1 more
- (no CPE)range: = 5.3.1
- (no CPE)range: =5.3.1
Patches
Vulnerability mechanics
References
1- github.com/AntsKnows/CVE/blob/master/WP_Plugin_Flickr-rssnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.