VYPR

Manual Image Crop

by WordPress

CVEs (1)

  • CVE-2015-9426MedSep 26, 2019
    risk 0.30cvss 4.6epss 0.01

    The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter.