Description
The src parameter for one script tag from this page is dirrectly controlled by user input. An attacker who can control the reference location to a JavaScript source file can load a script of their choice into an application.
Remediation
Your script should properly sanitize user input. Do not allow user-input to control script source location references.
Related Vulnerabilities
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (5.6.1)
WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10)
WordPress Plugin Echo Sign Multiple Cross-Site Scripting Vulnerabilities (1.1)
WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)
WordPress Plugin WP Statistics Cross-Site Scripting (13.2.1)