The Catch Breadcrumb plugin before 1.5.4 for WordPress allows Reflected XSS via the s parameter (a search query). Also affected are 16 themes (if the plugin is enabled) by the same author: Alchemist and Alchemist PRO, Izabel and Izabel PRO, Chique and Chique PRO, Clean Enterprise and Clean Enterprise PRO, Bold Photography PRO, Intuitive PRO, Devotepress PRO, Clean Blocks PRO, Foodoholic PRO, Catch Mag PRO, Catch Wedding PRO, and Higher Education PRO.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-23T12:39:32
Updated: 2024-08-04T11:48:58.007Z
Reserved: 2020-04-21T00:00:00
Link: CVE-2020-12054
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-23T15:15:14.280
Modified: 2024-11-21T04:59:11.533
Link: CVE-2020-12054
Redhat
No data.