Vulnerabilities > Techotronic > ALL IN ONE Favicon
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-16 | CVE-2018-13832 | Cross-site Scripting vulnerability in ONE Favicon Multiple Persistent cross-site scripting (XSS) issues in the Techotronic all-in-one-favicon (aka All In One Favicon) plugin 4.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text. | 3.5 |