The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
Affected Software
Name |
Vendor |
Start Version |
End Version |
Tablesome |
Pauple |
* |
1.0.9 (excluding) |
References