VYPR

CSS Hero

by WordPress

CVEs (1)

  • CVE-2019-19133MedDec 4, 2019
    risk 0.40cvss 6.1epss 0.02

    The CSS Hero plugin through 4.0.3 for WordPress is prone to reflected XSS via the URI in a csshero_action=edit_page request because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary JavaScript in the browser of an…