The plugin does not sanitise and escape an URL before outputting it back in an attribute when a specific widget is present on a page, leading to a Reflected Cross-Site Scripting
On a page where the "Capture box | Rock Convert" widget is present, append ?"><script>alert(/XSS/)</script>, e.g: https://example.com/?"><script>alert(/XSS/)</script>
José Ricardo
José Ricardo
Yes
2022-10-10 (about 7 months ago)
2022-10-10 (about 7 months ago)
2022-10-10 (about 7 months ago)