Michael Yoshitaka Erlewine

1 exploit Active since Sep 2017
CVE-2017-14313 WRITEUP MEDIUM WRITEUP
Shibboleth < 1.7 - Cross-Site Scripting via shibboleth_login_form
The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg().
CVSS 6.1