Vulnerabilities > Onthegosystems > Sitepress Multilingual CMS > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-26 CVE-2015-9416 Cross-site Scripting vulnerability in Onthegosystems Sitepress-Multilingual-Cms 2.9.3/3.2.6
The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.
network
low complexity
onthegosystems CWE-79
6.1
6.1