The YourChannel WordPress plugin before 1.2.2 does not sanitize and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Yourchannel |
Plugin |
* |
1.2.2 (excluding) |
References