Vulnerabilities > Manual Image Crop Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-26 | CVE-2015-9426 | Cross-site Scripting vulnerability in Manual Image Crop Project Manual Image Crop The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter. | 4.6 |