VYPR

multicons

by WordPress

CVEs (1)

  • CVE-2015-9424MedSep 26, 2019
    risk 0.42cvss 6.5epss 0.01

    The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter.